CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,989 vulnerabilities with CWE-119
CVE-2018-10637 HIGH
Fuji Electric V-Server Lite <4.0.3.0 - Buffer Overflow
CVSS 7.8
CVE-2018-16745 HIGH
mgetty < 1.2.1 - Buffer Overflow via Unsanitized mail_to Parameter
CVSS 7.8
CVE-2018-8464 HIGH
Microsoft Edge - Remote Code Execution in PDF Reader
CVSS 7.5
CVE-2018-3657 MEDIUM
Intel CSME Firmware < 12.0.5 - Authenticated Buffer Overflow via Intel AMT
CVSS 6.7
CVE-2018-12151 MEDIUM
Intel Extreme Tuning Utility <6.4.1.21 - Buffer Overflow
CVSS 5.5
CVE-2018-12150 MEDIUM
Intel Extreme Tuning Utility < 6.4.1.21 - Authenticated Privilege Escalation via Installer
CVSS 6.7
CVE-2018-12149 MEDIUM
Intel Extreme Tuning Utility <6.4.1.21 - DoS
CVSS 5.5
CVE-2018-3875 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Stack-Based Buffer Overflow via SessionToken JSON Field
CVSS 9.9
CVE-2018-16782 HIGH
ImageWorsener 1.3.2 - Buffer Overflow
CVSS 8.8
CVE-2018-16768 HIGH
WebAssembly Virtual Machine < 2018-07-26 - Heap Buffer Overflow in IR::FunctionValidationContext::end
CVSS 8.8
CVE-2018-16767 HIGH
WebAssembly Virtual Machine < 2018-07-26 - Denial of Service via Heap Buffer Overflow in FunctionValidationContext
CVSS 8.8
CVE-2018-16765 HIGH
WAVM <2018-07-26 - DoS
CVSS 8.8
CVE-2018-12897 HIGH
SolarWinds DameWare Mini Remote Control < 12.1 - Buffer Overflow
CVSS 7.8
CVE-2018-16665 MEDIUM
Contiki-NG < 4.1 - Buffer Overflow in AQL Parser
CVSS 6.1
CVE-2018-16664 HIGH
contiki-ng < 4.1 - Buffer Overflow in lvm_set_type via AQL Parsing
CVSS 7.0
CVE-2018-0644 MEDIUM
Ubuntu ORCA panda-client2 <=1:1.4.9/2.0.0 - Authenticated DoS via Buffer Overflow
CVSS 6.5
CVE-2018-16647 MEDIUM
Artifex MuPDF 1.13.0 - Denial of Service via Crafted PDF File
CVSS 5.5
CVE-2018-16644 MEDIUM
ImageMagick 7.0.8-11 - Denial of Service via Crafted Image in DCM and PICT Coders
CVSS 6.5
CVE-2018-1000667 MEDIUM
NASM < 2.14.0 - Memory Corruption via Crafted ASM File
CVSS 5.5
CVE-2018-1000663 MEDIUM
jsish <2.4.70-2.047 - Buffer Overflow
CVSS 6.5
CVE-2018-16585 HIGH
Artifex Ghostscript < 9.24 - Memory Corruption via .setdistillerkeys PostScript Command
CVSS 7.8
CVE-2018-16510 HIGH
Ghostscript < 9.24 - Denial of Service via Incorrect Exec Stack Handling in PDF Primitives
CVSS 7.8
CVE-2018-16422 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in esteid Card Response Handling
CVSS 6.6
CVE-2018-16421 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in CAC Card Response Handling
CVSS 6.6
CVE-2018-16420 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in ePass 2003 Card Response Handling
CVSS 6.6
Details
Vulnerabilities 13,989
Exploit Likelihood High