CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2018-0175 HIGH KEV
Cisco IOS, IOS XE, and IOS XR - Format String Vulnerability in LLDP Subsystem
CVSS 8.0
CVE-2018-0167 HIGH KEV
Cisco IOS, IOS XE, and IOS XR - Buffer Overflow in LLDP Subsystem
CVSS 8.8
CVE-2018-0151 CRITICAL KEV
Cisco IOS XE - Remote Code Execution or Denial of Service via UDP Port 18999 Packet Processing
CVSS 9.8
CVE-2018-1083 HIGH
zsh < 5.4.2-test-1 - Buffer Overflow in Shell Autocomplete
CVSS 7.8
CVE-2018-1205 HIGH
Dell EMC ScaleIO < 2.5 - Denial of Service via MDM Service Packet Handling
CVSS 7.5
CVE-2018-1091 MEDIUM
Linux Kernel < 4.13.5 - Denial of Service via Transactional Memory Instructions in Core Dump Path
CVSS 5.5
CVE-2018-1301 MEDIUM
Apache HTTP Server < 2.4.30 - Denial of Service via Crafted HTTP Header
CVSS 5.9
CVE-2018-8977 MEDIUM
Exiv2 0.26 - Denial of Service in Canon Lens Data Parser
CVSS 6.5
CVE-2018-0541 CRITICAL
Tinyftp - Memory Corruption
CVSS 9.8
CVE-2018-1427 MEDIUM
IBM DB2 9.7-11.1 - Denial of Service via GSKit Environment Variable Overflow
CVSS 6.2
CVE-2018-8882 HIGH
Netwide Assembler (NASM) <2.13.02rc2 - Buffer Overflow
CVSS 7.8
CVE-2018-8822 HIGH
Linux kernel <4.15.11, >=4.16-rc - Buffer Overflow
CVSS 7.8
CVE-2018-7511 MEDIUM
Eaton ELCSoft < 2.04.02 - Remote Code Execution via Crafted File Buffer Overflow
CVSS 5.3
CVE-2018-7445 CRITICAL KEV
MikroTik RouterOS < 6.41.3 - Unauthenticated Remote Code Execution via SMB NetBIOS Session Request
CVSS 9.8
CVE-2018-1218 HIGH
Dell EMC NetWorker < 9.1.1.6 - Unauthenticated Denial of Service via nsrd Daemon Buffer Overflow
CVSS 7.5
CVE-2018-1068 MEDIUM
Linux Kernel < 3.2.102 - Memory Corruption via 32-bit Syscall Bridging
CVSS 6.7
CVE-2018-7886 HIGH
CloudMe Sync 1.11.0 - Unauthenticated Buffer Overflow via Local Port 8888
CVSS 7.8
CVE-2018-6297 CRITICAL
Hanwha Techwin Smartcams - Buffer Overflow
CVSS 9.8
CVE-2018-1000091 HIGH
KadNode 2.2.0 - Buffer Overflow in Arguments
CVSS 8.8
CVE-2018-1000097 HIGH
Sharutils sharutils <4.15.2 - Buffer Overflow
CVSS 7.8
CVE-2018-0522 HIGH
Buffalo WXR-1900DHP2 Firmware < 2.48 - Buffer Overflow via Crafted File
CVSS 7.8
CVE-2018-7874 MEDIUM
libming 0.4.8 - Denial of Service via Invalid Memory Address Dereference in strlenext
CVSS 6.5
CVE-2018-0209 HIGH
Cisco Small Business 500 Series Stackable Managed Switches Firmware - Denial of Service via SNMP Traffic Flood
CVSS 7.7
CVE-2018-7752 HIGH
GPAC < 0.7.1 - Buffer Overflow in gf_media_avc_read_sps
CVSS 7.8
CVE-2018-7740 MEDIUM
Linux Kernel < 4.15.7 - Denial of Service via Large pgoff Argument in remap_file_pages
CVSS 5.5