CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,989 vulnerabilities with CWE-119
CVE-2018-16419 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in Cryptoflex Card Response Handling
CVSS 6.6
CVE-2018-16418 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in util_acl_to_str
CVSS 6.6
CVE-2018-16393 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in Gemsafe V1 Smartcard Response Handling
CVSS 6.8
CVE-2018-16392 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in TCOS Card Response Handling
CVSS 6.8
CVE-2018-16391 MEDIUM
OpenSC < 0.18.0 - Buffer Overflow in Muscle Card Response Handling
CVSS 6.8
CVE-2018-16333 HIGH
Tenda AC7, AC9, AC10, AC15, AC18 Firmware - Buffer Overflow via SSID Parameter
CVSS 7.5
CVE-2018-16302 HIGH
MediaComm Zip-n-Go < 4.95 - Buffer Overflow via Crafted File
CVSS 7.8
CVE-2018-12811 CRITICAL
Adobe Photoshop CC <19.1.6, <18.1.6 - Memory Corruption
CVSS 9.8
CVE-2018-12810 CRITICAL
Adobe Photoshop CC <19.1.6-18.1.6 - RCE
CVSS 9.8
CVE-2018-15897 MEDIUM
PHP Scripts Mall Website Seller Script 2.0.5 - Denial of Service via Crafted JavaScript in User Input Fields
CVSS 6.5
CVE-2018-15839 CRITICAL
D-Link DIR-615 Firmware - Buffer Overflow via Authorization HTTP Header
CVSS 9.8
CVE-2018-15871 MEDIUM
libming < 0.4.8 - Denial of Service via Invalid Memory Address Dereference
CVSS 6.5
CVE-2018-15870 MEDIUM
libming < 0.4.8 - Denial of Service via Invalid Memory Address Dereference in decompileGETVARIABLE
CVSS 6.5
CVE-2018-15120 MEDIUM
Pango 1.40.8-1.42.3 - Denial of Service via Invalid Unicode Sequences
CVSS 6.5
CVE-2018-3872 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Buffer Overflow in Video-Core HTTP Server Credentials Handler
CVSS 9.9
CVE-2018-1159 MEDIUM
Mikrotik RouterOS <6.42.7,6.40.9 - Memory Corruption
CVSS 6.5
CVE-2018-3925 HIGH
Samsung STH-ETH-250 Firmware 0.20.17 - Heap Buffer Overflow via AWSELB Cookie Parsing
CVSS 8.5
CVE-2018-3917 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Stack-Based Buffer Overflow via SQLite Shard Table Region Field
CVSS 9.9
CVE-2018-3905 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Buffer Overflow via Camera Create Feature
CVSS 9.9
CVE-2018-3878 CRITICAL
Samsung STH-ETH-250 Firmware 0.20.17 - Stack-Based Buffer Overflow via JSON Region Field
CVSS 9.9
CVE-2018-14799 LOW
Philips PageWriter - Buffer Overflow
CVSS 3.7
CVE-2018-10858 MEDIUM
Debian Linux < 4.6.16 - Memory Corruption
CVSS 4.3
CVE-2018-10932 MEDIUM
Intel lldptool < 1.0.1 - Terminal Injection via Unsanitized mngAddr Buffer
CVSS 4.3
CVE-2018-14793 HIGH
Emerson DeltaV - Buffer Overflow via Open Communication Port
CVSS 8.8
CVE-2018-1000223 HIGH
soundtouch <=2.0.0 - Buffer Overflow
CVSS 8.8
Details
Vulnerabilities 13,989
Exploit Likelihood High