CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
13,990 vulnerabilities with CWE-119
CVE-2018-11224
MEDIUM
Libav 12.3 - Denial of Service via Read Access Violation in in_table_init16
CVSS 6.5
CVE-2018-3661
MEDIUM
Intel syscfg and selview < 14.0 - Denial of Service via Buffer Overflow
CVSS 5.5
CVE-2018-11102
HIGH
Libav 12.3 - Denial of Service via mov_probe Function
CVSS 7.5
CVE-2018-11100
HIGH
libming < 0.4.8 - Denial of Service via decompileSETTARGET Function
CVSS 8.8
CVE-2018-11095
HIGH
libming < 0.4.8 - Denial of Service via decompileJUMP Function
CVSS 8.8
CVE-2018-11033
HIGH
xpdf - Denial of Service via Crafted JPEG Data in DCTStream::readHuffSym
CVSS 7.8
CVE-2018-11017
HIGH
libming < 0.4.8 - Denial of Service via newVar_N Function
CVSS 8.8
CVE-2018-10996
CRITICAL
D-Link DIR-629-B1 Firmware - Buffer Overflow via REMOTE_ADDR Environment Variable
CVSS 9.8
CVE-2018-10655
HIGH
DeviceLock Plug and Play Auditor <5.72 - Buffer Overflow
CVSS 7.8
CVE-2018-8061
HIGH
HWiNFO AMD64 Kernel driver <8.98 - Memory Corruption
CVSS 7.1
CVE-2018-10958
MEDIUM
exiv2 0.26 - Denial of Service via Large Size Value in PngChunk zlibUncompress
CVSS 6.5
CVE-2018-8151
MEDIUM
Microsoft Exchange - Info Disclosure
CVSS 4.3
CVE-2018-10940
MEDIUM
Linux Kernel < 4.16.6 - Local Memory Read via CDROM_MEDIA_CHANGED ioctl
CVSS 5.5
CVE-2018-1089
HIGH
389 Directory Server < 1.3.6.15 - Unauthenticated Denial of Service via LDAP Search Filter
CVSS 7.5
CVE-2018-10184
HIGH
HAProxy < 1.8.8 - Heap-Based Buffer Overflow via H2 Frame Length Mismatch
CVSS 7.5
CVE-2018-10777
HIGH
mp3gain through 1.5.2-r2 - Buffer Overflow in WriteMP3GainAPETag
CVSS 7.8
CVE-2018-10774
MEDIUM
bibutils < 6.2 - Denial of Service via isiin_keyword Function
CVSS 6.5
CVE-2018-10772
MEDIUM
Exiv2 < 0.26 - Denial of Service via tEXtToDataBuf in pngimage.cpp
CVSS 6.5
CVE-2018-7507
HIGH
WPLSoft < 2.45.0 - Heap-Based Buffer Overflow via File Read
CVSS 8.8
CVE-2018-7494
HIGH
WPLSoft < 2.45.0 - Remote Code Execution via Stack Buffer Overflow
CVSS 8.8
CVE-2018-10750
HIGH
D-Link DSL-3782 EU 1.01 - Authenticated Memory Corruption via Diagnostics staticGet Parameter
CVSS 8.8
CVE-2018-10749
HIGH
D-Link DSL-3782 EU 1.01 - Authenticated Memory Corruption via Diagnostics Commit Parameter
CVSS 8.8
CVE-2018-10748
HIGH
D-Link DSL-3782 EU 1.01 - Authenticated Memory Corruption via Diagnostics Show Parameter
CVSS 8.8
CVE-2018-10747
HIGH
D-Link DSL-3782 EU 1.01 - Authenticated Memory Corruption via Diagnostics Unset Parameter
CVSS 8.8
CVE-2018-10746
HIGH
D-Link DSL-3782 EU 1.01 - Authenticated Memory Corruption via Diagnostics Component
CVSS 8.8
Details
Vulnerabilities
13,990
Exploit Likelihood
High