CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2018-1000050 HIGH
stb_vorbis < 1.12 - Buffer Overflow in Vorbis Decoding Paths
CVSS 8.8
CVE-2018-6876 MEDIUM
ImageMagick - Denial of Service via Crafted BMP Image
CVSS 6.5
CVE-2018-0132 HIGH
Cisco Carrier Routing System - Denial of Service via Long Routing Update
CVSS 8.6
CVE-2018-6799 HIGH
GraphicsMagick < 1.3.28 - Heap Overflow via Crafted Image File
CVSS 8.8
CVE-2018-5796 HIGH
ExtremeWireless WiNG 5.x < 5.8.6.9 and 5.9.x < 5.9.1.3 - Authenticated Root Shell Access via Service Start-Shell Command
CVSS 7.2
CVE-2018-5790 MEDIUM
Extreme Networks ExtremeWireless <5.8.6.9-5.9.1.3 - DoS
CVSS 5.3
CVE-2018-5788 HIGH
Extreme Networks ExtremeWireless <5.8.6.9 & <5.9.1.3 - DoS
CVSS 7.5
CVE-2018-6537 CRITICAL
Flexense SyncBreeze Enterprise 10.4.18 - Remote Code Execution via Control Protocol Buffer Overflow
CVSS 9.8
CVE-2018-0510 CRITICAL
kkcald < 0.7.19 - Buffer Overflow in EPG Search Result Viewer
CVSS 9.8
CVE-2018-5996 HIGH
7-Zip < 18.00 and p7zip < 18.0 - Memory Corruption via Crafted RAR Archive
CVSS 7.8
CVE-2018-5701 CRITICAL
iolo System Shield 5.0.0.136 - Arbitrary Write via amp.sys IOCtl 0x00226003
CVSS 9.8
CVE-2018-6390 MEDIUM
Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 - Denial of Service via WStr::assign Function
CVSS 6.5
CVE-2018-6381 MEDIUM
ZZIPlib 0.13.56-0.13.67 - Denial of Service via Invalid Memory Access in zzip_disk_fread
CVSS 6.5
CVE-2018-6192 MEDIUM
Artifex MuPDF 1.12.0 - Denial of Service via Crafted PDF File
CVSS 5.5
CVE-2018-5359 HIGH
Flexense SysGauge <3.6.18 - Buffer Overflow
CVSS 8.1
CVE-2018-5766 HIGH
Libav < 12.2 - Denial of Service via Crafted AVI File in av_packet_ref
CVSS 8.8
CVE-2018-5195 CRITICAL
Hancom NEO <9.6.1.5183 - Buffer Overflow
CVSS 9.8
CVE-2018-5684 HIGH
libav < 12.2 - Denial of Service via Invalid memcpy in ff_mov_read_stsd_entries
CVSS 8.8
CVE-2018-5336 HIGH
Wireshark 2.2.0-2.2.11 and 2.4.0-2.4.3 - Denial of Service in JSON, XML, NTP, XMPP, and GDB Dissectors
CVSS 7.5
CVE-2018-5335 MEDIUM
Wireshark 2.2.0-2.2.11 and 2.4.0-2.4.3 - Denial of Service in WCP Dissector
CVSS 6.5
CVE-2018-5334 MEDIUM
Wireshark 2.2.0-2.2.11 and 2.4.0-2.4.3 - Denial of Service in IxVeriWave File Parser
CVSS 6.5
CVE-2018-5189 HIGH
Jungo Windriver 12.5.1 - Privilege Escalation
CVSS 7.8
CVE-2018-0007 CRITICAL
Junos OS Multiple Versions - DoS and RCE via Malicious LLDP Packet
CVSS 9.8
CVE-2018-0002 HIGH
Junos OS Multiple Versions - Denial of Service via Crafted TCP/IP Packet
CVSS 8.2
CVE-2018-3610 MEDIUM
Intel Driver and Support Assistant < 3.1.1 - Memory Corruption via SEMA Driver
CVSS 6.0
Details
Vulnerabilities 13,990
Exploit Likelihood High