CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,989 vulnerabilities with CWE-119
CVE-2018-12152 HIGH
Intel Graphics Drivers <10.18.x.5056-20.19.x.5058 - RCE
CVSS 7.8
CVE-2018-8423 HIGH
Microsoft JET Database Engine - RCE
CVSS 7.8
CVE-2018-7632 HIGH
EpiCentro E_7.3.2+ - Denial of Service via Crafted GET Request
CVSS 7.5
CVE-2018-7631 CRITICAL
EpiCentro E_7.3.2+ - Unauthenticated Remote Code Execution via Buffer Overflow in httpd
CVSS 9.8
CVE-2018-17962 HIGH
Qemu - Buffer Overflow in pcnet_receive
CVSS 7.5
CVE-2018-18197 CRITICAL
libgig 4.1.0 - Denial of Service via Large Heap Allocation in DLS::Sampler::Sampler
CVSS 9.8
CVE-2018-18193 HIGH
libgig 4.1.0 - Denial of Service via Large Heap Request in DLS::File::File
CVSS 8.8
CVE-2018-1000804 CRITICAL
contiki-ng 4 - Buffer Overflow in AQL Database Engine
CVSS 9.8
CVE-2018-0470 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via Malformed HTTP Packet
CVSS 8.6
CVE-2018-0423 HIGH
Cisco RV110W, RV130W, and RV215W - Unauthenticated Buffer Overflow via Guest User Feature
CVSS 8.1
CVE-2018-17540 HIGH
strongSwan <5.7.1 - Buffer Overflow
CVSS 7.5
CVE-2018-9515 HIGH
Android - Memory Corruption in sdcardfs inode Operations
CVSS 7.8
CVE-2018-3984 HIGH
Atlantis Word Processor 3.0.2.3 and 3.0.2.5 - Buffer Overflow via Word Document Parser
CVSS 7.8
CVE-2018-14802 CRITICAL
Fuji Electric FRENIC LOADER v3.3-7.3.4.1a - RCE
CVSS 9.8
CVE-2018-14794 CRITICAL
Fuji Electric Alpha5 Smart Loader <3.7 - Buffer Overflow
CVSS 9.8
CVE-2018-17847 HIGH
Go html package <2018-09-25 - Info Disclosure
CVSS 7.5
CVE-2018-16713 MEDIUM
IObit Advanced SystemCare <1.2.0.5 - Code Injection
CVSS 6.5
CVE-2018-16711 HIGH
IObit Advanced SystemCare <1.2.0.5 - Code Injection
CVSS 8.8
CVE-2018-6038 MEDIUM
Google Chrome <64.0.3282.119 - Buffer Overflow
CVSS 6.5
CVE-2018-17407 HIGH
TeX Live <2018-09-21 - Buffer Overflow
CVSS 7.8
CVE-2018-17359 MEDIUM
GNU Binutils - Denial of Service via Crafted ELF File
CVSS 5.5
CVE-2018-17358 MEDIUM
GNU Binutils - Denial of Service via Crafted ELF File in BFD Library
CVSS 5.5
CVE-2018-3877 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Buffer Overflow via HTTP Server Directory Parameter
CVSS 9.9
CVE-2018-3874 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Buffer Overflow via HTTP Server Credentials Handler
CVSS 9.9
CVE-2018-3873 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Buffer Overflow via SecretKey Parameter
CVSS 9.9
Details
Vulnerabilities 13,989
Exploit Likelihood High