CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2018-7726 MEDIUM
ZZIPlib 0.13.68 - Denial of Service via Crafted Zip File
CVSS 6.5
CVE-2018-7725 MEDIUM
ZZIPlib <0.13.68 - Memory Corruption
CVSS 6.5
CVE-2018-1000100 HIGH
GPAC MP4Box <0.7.1 - Buffer Overflow
CVSS 7.8
CVE-2018-5453 HIGH
Moxa OnCell G3100-HSPA <1.4 Build 16062919 - Info Disclosure
CVSS 7.5
CVE-2018-7648 CRITICAL
OpenJPEG 2.3.0 - Buffer Overflow via Long Output Prefix
CVSS 9.8
CVE-2018-7587 HIGH
CImg v.220 - Denial of Service via Crafted BMP Image Allocation Failure
CVSS 7.8
CVE-2018-7584 CRITICAL
PHP < 5.6.33, 7.0.x < 7.0.28, 7.1.x <= 7.1.14, 7.2.x <= 7.2.2 - Stack-Based Buffer Under-Read in HTTP Response Parsing
CVSS 9.8
CVE-2018-7573 CRITICAL
FTPShell Client 6.7 - Remote Code Execution via FTP 220 Response Buffer Overflow
CVSS 9.8
CVE-2018-7552 CRITICAL
sam2p 0.49.4 - Use-After-Free in Mapping::DoubleHash::clear
CVSS 9.8
CVE-2018-6481 CRITICAL
Flexense Disksavvy - Memory Corruption
CVSS 9.8
CVE-2018-7485 CRITICAL
unixODBC - Buffer Overflow via SQLWriteFileDSN Function
CVSS 9.8
CVE-2018-7470 MEDIUM
ImageMagick 7.0.7-22 Q16 - Denial of Service in IsWEBPImageLossless Function
CVSS 6.5
CVE-2018-7339 HIGH
Mp4v2 < 2.0.0 - Memory Corruption
CVSS 8.8
CVE-2018-7409 CRITICAL
unixODBC < 2.3.5 - Buffer Overflow in unicode_to_ansi_copy
CVSS 9.8
CVE-2018-7284 HIGH
Asterisk Buffer Overflow via SUBSCRIBE Request Accept Headers
CVSS 7.5
CVE-2018-0204 HIGH
Cisco Prime Collaboration Provisioning - Unauthenticated Denial of Service via Repeated Bad Login Attempts
CVSS 7.5
CVE-2018-7247 CRITICAL
leptonica < 1.75.3 - Buffer Overflow in pixHtmlViewer
CVSS 9.8
CVE-2018-5473 CRITICAL
GE D60 Line Distance Relay <7.11 - Buffer Overflow
CVSS 9.8
CVE-2018-5378 HIGH
Quagga BGP daemon <1.2.3 - Buffer Overflow
CVSS 7.1
CVE-2018-7039 CRITICAL
CCN-lite 2.0.0 Beta - Buffer Overflow via Crafted TLV Data
CVSS 9.8
CVE-2018-2386 MEDIUM
SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Denial of Service via Buffer Overflow
CVSS 6.5
CVE-2018-6953 CRITICAL
CCN-lite 2 - Buffer Overflow in NDNTLV Parser
CVSS 9.8
CVE-2018-6948 CRITICAL
CCN-lite 2 - Buffer Overflow in ccnl_prefix_to_str_detailed via NFN-R2C Packet
CVSS 9.8
CVE-2018-0487 CRITICAL
ARM mbed TLS <1.3.22/<2.1.10/<2.7.0 - RCE or DoS via RSASSA-PSS Verification
CVSS 9.8
CVE-2018-6892 CRITICAL
CloudMe Sync < 1.10.9 - Unauthenticated Remote Buffer Overflow via Port 8888
CVSS 9.8
Details
Vulnerabilities 13,990
Exploit Likelihood High