CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,986 vulnerabilities with CWE-119
CVE-2018-16595 MEDIUM
Sony Bravia TV < 8.587 - Buffer Overflow in Photo Sharing Plus
CVSS 6.5
CVE-2018-18944 HIGH
Artha 1.0.3.0 - Buffer Overflow
CVSS 7.5
CVE-2018-6339 CRITICAL
WhatsApp 2.18.180-2.18.294 and WhatsApp Business 2.18.103-2.18.149 - Stack-Based Buffer Overflow
CVSS 9.8
CVE-2018-5911 HIGH
Qualcomm Multiple Chipsets Firmware - Buffer Overflow in WLAN Function
CVSS 7.8
CVE-2018-3583 HIGH
Qualcomm Multiple Chipsets Firmware - Buffer Overflow in Extscan Hotlist Event Processing
CVSS 7.8
CVE-2018-13907 MEDIUM
Qualcomm Snapdragon Firmware - Buffer Overflow in Key Blob Deserialization
CVSS 5.3
CVE-2018-10703 HIGH
Moxa AWK-3121 Firmware 1.14 - Buffer Overflow via iw_serverip POST Parameter
CVSS 8.8
CVE-2018-10701 HIGH
Moxa AWK-3121 1.14 - Buffer Overflow via iw_filename POST Parameter
CVSS 8.8
CVE-2018-10695 HIGH
Moxa AWK-3121 Firmware 1.14 - Buffer Overflow via Alert Email POST Parameters
CVSS 8.8
CVE-2018-10693 HIGH
Moxa AWK-3121 1.14 - Buffer Overflow via Ping Functionality srvName Parameter
CVSS 8.8
CVE-2018-19800 CRITICAL
aubio 0.4.0-0.4.8 - Buffer Overflow in new_aubio_tempo
CVSS 9.8
CVE-2018-13381 MEDIUM
FortiProxy <= 1.2.8 and FortiOS < 5.2.14 - Unauthenticated Denial of Service via SSL VPN Web Portal
CVSS 5.3
CVE-2018-20815 CRITICAL
QEMU 3.1.0 - Buffer Overflow in load_device_tree
CVSS 9.8
CVE-2018-19978 HIGH
Auerswald COMfort 1200 IP phone <3.4.4.1-10589 - Buffer Overflow
CVSS 8.0
CVE-2018-12012 HIGH
Qualcomm Snapdragon - Info Disclosure
CVSS 7.8
CVE-2018-11940 CRITICAL
Snapdragon Auto/Mobile/Compute/IOT - Memory Corruption
CVSS 9.8
CVE-2018-11928 HIGH
Snapdragon Auto et al - Buffer Overflow
CVSS 7.8
CVE-2018-11923 HIGH
Snapdragon Auto/<version> - Buffer Overflow
CVSS 7.8
CVE-2018-7851 MEDIUM
Modicon M580 < 2.50, M340 < 3.01, BMxCRA312xx < 2.40 - DoS via Crafted Modbus Packet
CVSS 6.5
CVE-2018-4025 HIGH
Anker Roav A1 Dashcam Firmware - Denial of Service via XML_GetRawEncJpg Wi-Fi Command
CVSS 7.5
CVE-2018-15128 CRITICAL
Polycom Group Series <6.1.6.1 & HDX <3.1.12 & Pano <1.1.1 - RCE
CVSS 9.8
CVE-2018-14712 MEDIUM
ASUS RT-AC3200 <3.0.0.4.382.50010 - Buffer Overflow
CVSS 6.5
CVE-2018-14559 HIGH
Tenda AC7, AC9, and AC10 Firmware - Buffer Overflow via HTTP POST List Parameter
CVSS 7.5
CVE-2018-14557 HIGH
Tenda AC7/AC9/AC10 <V15.03.06 - Buffer Overflow
CVSS 7.5
CVE-2018-19442 CRITICAL
Neato Botvac Connected <2.2.0 - Buffer Overflow
CVSS 9.8
Details
Vulnerabilities 13,986
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits