CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,986 vulnerabilities with CWE-119
CVE-2019-3634 MEDIUM
McAfee Data Loss Prevention Endpoint 11.3.0-11.3.2.82 - Buffer Overflow via Encrypted Message Decryption
CVSS 5.5
CVE-2019-3633 MEDIUM
McAfee Data Loss Prevention Endpoint 11.3.0-11.3.2.82 - Local Denial of Service via Crafted Message
CVSS 5.5
CVE-2019-15296 HIGH
Freeware Advanced Audio Decoder 2 2.8.8 - Buffer Overflow in faad_resetbits Function
CVSS 7.8
CVE-2019-8048 CRITICAL
Adobe Acrobat and Reader DC < 15.006.30499, 15.008.20082-19.012.20036 - Memory Corruption
CVSS 9.8
CVE-2019-8045 CRITICAL
Adobe Acrobat and Reader DC < 19.012.20036 - Untrusted Pointer Dereference
CVSS 9.8
CVE-2019-8017 CRITICAL
Adobe Acrobat and Reader DC < 19.012.20036 - Untrusted Pointer Dereference
CVSS 9.8
CVE-2019-8006 CRITICAL
Adobe Acrobat and Reader DC < 19.012.20036 - Untrusted Pointer Dereference
CVSS 9.8
CVE-2019-15117 HIGH
Linux Kernel < 5.2.9 - Out-of-Bounds Memory Access in USB Audio Mixer Descriptor Parsing
CVSS 7.8
CVE-2019-1145 HIGH
Windows - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2019-12807 HIGH
ALZip <= 10.83 - Stack-based Buffer Overflow via Crafted ISO Archive Parsing
CVSS 7.8
CVE-2019-12806 HIGH
UniSign < 2.0.4.0 - Remote Code Execution via Stack-Based Buffer Overflow
CVSS 8.8
CVE-2019-1929 HIGH
Cisco Webex Business Suite - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2019-1928 HIGH
Cisco Webex Business Suite - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2019-1927 HIGH
Cisco Webex Business Suite - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2019-1926 HIGH
Cisco Webex Business Suite - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2019-1924 HIGH
Cisco Webex Business Suite and Webex Meetings - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2019-1925 HIGH
Cisco Webex Business Suite - Remote Code Execution via Malicious ARF or WRF File
CVSS 7.8
CVE-2019-1913 CRITICAL
Cisco Small Business 220 Series Smart Switches < 1.1.4.4 - Unauthenticated Remote Code Execution via Buffer Overflow
CVSS 9.8
CVE-2019-14708 CRITICAL
MicroDigital N-series <6400.0.8.5 - RCE
CVSS 9.8
CVE-2019-14706 HIGH
MicroDigital N-series Firmware <= 6400.0.8.5 - Unauthenticated Denial of Service via Long Filename Upload
CVSS 7.5
CVE-2019-14698 CRITICAL
MicroDigital N-series <6400.0.8.5 - RCE
CVSS 9.8
CVE-2019-6001 MEDIUM
Canon EOS and PowerShot Cameras - Buffer Overflow via PTP SetAdapterBatteryReport
CVSS 6.8
CVE-2019-5994 HIGH
Canon EOS and PowerShot Cameras - Buffer Overflow via PTP SendObjectInfo Command
CVSS 8.8
CVE-2019-14486 HIGH
GnuCOBOL 2.2 - Buffer Overflow in cobc/field.c via Crafted COBOL Source Code
CVSS 7.8
CVE-2019-14468 HIGH
GnuCOBOL 2.2 - Buffer Overflow in cb_push_op
CVSS 7.8
Details
Vulnerabilities 13,986
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits