CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2018-4127 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4125 HIGH
Safari < 11.1 - Remote Code Execution via Crafted Web Site
CVSS 8.8
CVE-2018-4124 CRITICAL
iPhone OS < 11.2.6, macOS < 10.13.3, tvOS < 11.2.6, watchOS < 4.2.3 - Denial of Service via Telugu Character Processing
CVSS 9.8
CVE-2018-4122 HIGH
Safari < 11.1 - Remote Code Execution via Crafted Web Site
CVSS 8.8
CVE-2018-4121 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4120 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4119 HIGH
Safari < 11.1 - Remote Code Execution via Crafted Web Site
CVSS 8.8
CVE-2018-4118 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4114 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4109 HIGH
Apple tvOS < 11.2.5 - Remote Code Execution in Graphics Driver
CVSS 7.8
CVE-2018-4101 HIGH
Safari < 11.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4098 HIGH
macOS < 10.13.3 - Memory Corruption in IOHIDFamily
CVSS 7.8
CVE-2018-4096 HIGH
Apple tvOS < 11.2.5 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4095 HIGH
Apple tvOS < 11.2.5 - Memory Corruption in Core Bluetooth
CVSS 7.8
CVE-2018-4094 HIGH
Apple tvOS < 11.2.5 - Remote Code Execution via Crafted Audio File
CVSS 7.8
CVE-2018-4089 HIGH
Apple tvOS < 11.2.5 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2018-4088 HIGH
Apple WebKit - Remote Code Execution or Denial of Service via Memory Corruption
CVSS 8.8
CVE-2018-4087 HIGH
Apple tvOS < 11.2.5 - Memory Corruption in Core Bluetooth
CVSS 7.8
CVE-2018-4085 HIGH
Apple tvOS < 11.2.5 - Remote Code Execution via Memory Corruption in QuartzCore
CVSS 8.8
CVE-2018-4083 HIGH
macOS < 10.13.3 - Memory Corruption and Remote Code Execution in Touch Bar Support
CVSS 7.8
CVE-2018-4082 HIGH
Apple tvOS < 11.2.5 - Kernel Memory Corruption via Crafted App
CVSS 7.8
CVE-2018-6251 HIGH
NVIDIA Windows GPU Display Driver - Memory Corruption via DirectX 10 Usermode Driver Pixel Shader
CVSS 7.8
CVE-2018-9128 HIGH
DVD X Player Standard 5.5.3.9 - Buffer Overflow via Crafted PLF File
CVSS 7.8
CVE-2018-7566 HIGH
Linux kernel 4.15 - Buffer Overflow via SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl
CVSS 7.8
CVE-2018-9139 CRITICAL
Samsung Mobile N(7.x) - Buffer Overflow in Vision Service via Large Frame Size
CVSS 9.8
Details
Vulnerabilities 13,990
Exploit Likelihood High