CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2018-5463 HIGH
LAquis SCADA <4.1.0.3391 - Buffer Overflow
CVSS 7.8
CVE-2018-0555 HIGH
Buffalo WZR-1750DHP2 Firmware < 2.30 - Buffer Overflow via Crafted File
CVSS 7.8
CVE-2018-3624 HIGH
Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx and Sofia 3G/R - Buffer Overflow in ETWS Processing Module
CVSS 8.3
CVE-2018-9284 CRITICAL
D-Link DIR-868L Singapore StarHub Firmware < 1.21shcb03 - Remote Code Execution via authentication.cgi
CVSS 9.8
CVE-2018-8941 HIGH
D-Link DSL-3782 Firmware EU 1.01 - Authenticated Buffer Overflow via Diagnostics_Entry Addr Parameter
CVSS 8.8
CVE-2018-5828 HIGH
Qualcomm Android <2018-04-05 - Buffer Overflow
CVSS 7.8
CVE-2018-5824 HIGH
Qualcomm Android <2018-04-05 - Buffer Overflow
CVSS 7.8
CVE-2018-5823 HIGH
Qualcomm Android <2018-04-05 - Buffer Overflow
CVSS 7.8
CVE-2018-5822 HIGH
Qualcomm Android <2018-04-05 - Buffer Overflow
CVSS 7.3
CVE-2018-3566 HIGH
Qualcomm Android <2018-04-05 - Buffer Overflow
CVSS 7.8
CVE-2018-4165 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4163 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4162 HIGH
Safari < 11.1 - Remote Code Execution via Crafted Web Site
CVSS 8.8
CVE-2018-4161 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4150 HIGH
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Kernel Memory Corruption via Crafted App
CVSS 7.8
CVE-2018-4148 CRITICAL
iPhone OS < 11.3 - Remote Code Execution in Telephony Component
CVSS 9.8
CVE-2018-4146 MEDIUM
Safari < 11.1 - Memory Corruption via Crafted Web Site
CVSS 6.5
CVE-2018-4144 HIGH
iPhone OS < 11.3 - Remote Code Execution via Buffer Overflow
CVSS 7.8
CVE-2018-4143 HIGH
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Memory Corruption in Kernel
CVSS 7.8
CVE-2018-4139 HIGH
macOS < 10.13.4 - Remote Code Execution in kext tools
CVSS 7.8
CVE-2018-4135 HIGH
macOS < 10.13.4 - Remote Code Execution in IOFireWireFamily
CVSS 7.8
CVE-2018-4132 HIGH
macOS < 10.13.4 - Memory Corruption in Intel Graphics Driver
CVSS 7.8
CVE-2018-4130 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4129 HIGH
Safari < 11.1 - Remote Code Execution via Crafted Web Site
CVSS 8.8
CVE-2018-4128 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
Details
Vulnerabilities 13,990
Exploit Likelihood High