CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,989 vulnerabilities with CWE-119
CVE-2018-12405 CRITICAL
Mozilla Firefox <64 - Memory Corruption
CVSS 9.8
CVE-2018-12390 CRITICAL
Mozilla Firefox <63 - Memory Corruption
CVSS 9.8
CVE-2018-12389 HIGH
Mozilla Firefox ESR <60.3 - Memory Corruption
CVSS 8.8
CVE-2018-12388 HIGH
Mozilla Firefox <63 - Memory Corruption
CVSS 8.8
CVE-2018-20797 MEDIUM
PoDoFo 0.9.6 - Denial of Service via Excessive Memory Allocation in PdfPredictorDecoder
CVSS 6.5
CVE-2018-13914 HIGH
Qualcomm Snapdragon Firmware - Memory Corruption via User-Space Input
CVSS 7.8
CVE-2018-13912 MEDIUM
Qualcomm Snapdragon Firmware - Memory Corruption via Compat Mode Kernel Address
CVSS 5.5
CVE-2018-11938 HIGH
Qualcomm Snapdragon - Buffer Overflow via Improper Input Validation
CVSS 7.8
CVE-2018-11289 HIGH
Qualcomm Snapdragon Firmware - Buffer Overflow via Type Conversion
CVSS 7.8
CVE-2018-12159 MEDIUM
Intel(R) PROSet Wireless <20.50 - Buffer Overflow
CVSS 5.5
CVE-2018-6271 HIGH
Android - Denial of Service or Privilege Escalation via NVIDIA Tegra OpenMax Driver Buffer Handling
CVSS 7.8
CVE-2018-13893 HIGH
Android - Out-of-Bounds Memory Access in Mask Table Copy
CVSS 7.8
CVE-2018-13888 HIGH
Qualcomm MDM9206 and related firmware - Memory Corruption in RIL Daemon
CVSS 7.8
CVE-2018-12547 CRITICAL
Eclipse OpenJ9 <0.12.0 - Buffer Overflow
CVSS 9.8
CVE-2018-20762 HIGH
GPAC < 0.7.1 - Buffer Overflow via Crafted Filenames in MP4Box
CVSS 7.8
CVE-2018-20761 HIGH
GPAC < 0.7.1 - Buffer Overflow in gf_sm_load_init
CVSS 7.8
CVE-2018-3990 CRITICAL
WIBU-SYSTEMS WibuKey.sys 6.40 (Build 2400) - Kernel Memory Corruption via 0x8200E804 IOCTL Handler
CVSS 9.3
CVE-2018-18503 HIGH
Firefox < 65.0 - Use-After-Free via Audio Buffer Compartment Mismatch
CVSS 8.8
CVE-2018-18502 CRITICAL
Firefox < 65.0 - Memory Corruption
CVSS 9.8
CVE-2018-18501 CRITICAL
Firefox < 65.0 and Firefox ESR < 60.5 - Memory Corruption
CVSS 9.8
CVE-2018-12548 CRITICAL
OpenJDK + Eclipse OpenJ9 <0.11.0 - Use After Free
CVSS 9.8
CVE-2018-5881 HIGH
Qualcomm Snapdragon Mobile and Wear Firmware - Buffer Overflow in LWM2M Device Management Protocol
CVSS 8.8
CVE-2018-5880 HIGH
Snapdragon Mobile/Wear < Various - Buffer Overflow
CVSS 7.8
CVE-2018-5868 HIGH
Qualcomm Snapdragon Firmware - Buffer Overflow in WideVine via Input Size Mismatch
CVSS 7.8
CVE-2018-5867 HIGH
Qualcomm Multiple Chipsets - Buffer Overflow in WideVine
CVSS 7.8
Details
Vulnerabilities 13,989
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits