CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,989 vulnerabilities with CWE-119
CVE-2018-1000221 CRITICAL
pkgconf 1.5.0-1.5.2 - Buffer Overflow in dequote() via Crafted .pc File
CVSS 9.8
CVE-2018-1000657 HIGH
Rust Programming Language - Buffer Overflow
CVSS 7.8
CVE-2018-1000637 HIGH
zutils < 1.8-pre2 - Buffer Overflow in zcat via Crafted Compressed File
CVSS 7.8
CVE-2018-15354 HIGH
Kraftway 24F2XG Router <3.5.30.1118 - Buffer Overflow
CVSS 7.5
CVE-2018-15353 CRITICAL
Kraftway 24F2XG Router <3.5.30.1118 - RCE
CVSS 9.8
CVE-2018-10873 HIGH
SPICE < 0.14.1 - Memory Corruption via Demarshalling Message Bounds Check Bypass
CVSS 8.3
CVE-2018-14779 MEDIUM
Yubico PIV Manager < 1.4.2 - Buffer Overflow in ykpiv_transfer_data
CVSS 6.8
CVE-2018-15172 HIGH
TP-Link TL-WR840N Firmware - Buffer Overflow via Long Authorization HTTP Header
CVSS 7.5
CVE-2018-6414 CRITICAL
Hikvision IP Cameras - Buffer Overflow via Crafted Web Server Message
CVSS 9.8
CVE-2018-5925 HIGH
HP Inkjet Printers - Buffer Overflow
CVSS 7.8
CVE-2018-15191 MEDIUM
PHP Scripts Mall hotel-booking-script <2.0.4 - DoS
CVSS 6.5
CVE-2018-15188 MEDIUM
PHP Scripts Mall advanced-real-estate-script <4.0.9 - DoS
CVSS 6.5
CVE-2018-0429 HIGH
Cisco Thor Video Codec < 2018-8-8 - Stack-Based Buffer Overflow via Crafted Bitstream
CVSS 7.8
CVE-2018-15176 HIGH
XnView 2.45 - Denial of Service via Crafted RLE File
CVSS 7.8
CVE-2018-15175 HIGH
XnView 2.45 - Denial of Service via Crafted RLE File
CVSS 7.8
CVE-2018-15174 HIGH
XnView 2.45 - Denial of Service via Crafted ICO File
CVSS 7.8
CVE-2018-14948 HIGH
dilawar sound <2017-11-27 - Memory Corruption
CVSS 7.8
CVE-2018-14947 HIGH
PDF2JSON 0.69 - Use-After-Free in XmlFontAccu::CSStyle
CVSS 8.8
CVE-2018-14946 HIGH
PDF2JSON 0.69 - Use-After-Free in HtmlString Memory Management
CVSS 8.8
CVE-2018-14939 CRITICAL
LibreOffice < 6.0.5 - Buffer Overflow via get_app_path realpath Mishandling
CVSS 9.8
CVE-2018-3670 HIGH
Intel Smart Sound Technology < 9.21.00.3541 - Local Buffer Overflow in Driver Module
CVSS 8.8
CVE-2018-14290 HIGH
Foxit Reader and PhantomPDF < 9.1.0.5096 - Remote Code Execution via PDF Parsing
CVSS 8.8
CVE-2018-7992 MEDIUM
Huawei MediaPad M3, Mate 9 Pro < 8.0.0.356(C00), P10 Plus < 8.0.0.357(C00) - DoS via Mdapt Driver Buffer Overflow
CVSS 5.5
CVE-2018-14743 HIGH
cloudwu PBC <2017-03-02 - Memory Corruption
CVSS 7.5
CVE-2018-14742 HIGH
cloudwu PBC < 2017-03-02 - Denial of Service via memcpy in set_field_one
CVSS 7.5