CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2018-5221 HIGH
BarCodeWiz BarCode ActiveX Control < 6.7 - Remote Code Execution via Long BottomText or TopText Property
CVSS 8.8
CVE-2018-5208 CRITICAL
irssi < 1.0.6 - Heap Buffer Overflow via Completion Code
CVSS 9.8
CVE-2018-5244 MEDIUM
Xen >=4.10.0 - Denial of Service via MSR Emulation Tracking Structure
CVSS 6.5
CVE-2018-0103 HIGH
Cisco WebEx Network Recording Player - Buffer Overflow via ARF File Processing
CVSS 7.8
CVE-2017-11076 CRITICAL
Hardware Revision - Memory Corruption
CVSS 9.8
CVE-2017-20144 MEDIUM
Anvsoft PDFMate PDF Converter Pro <1.7.5.0 - Memory Corruption
CVSS 6.3
CVE-2017-13906 HIGH
macOS <10.13.1 - Privilege Escalation
CVSS 7.8
CVE-2017-13835 HIGH
macOS High Sierra 10.13 - Memory Corruption
CVSS 7.8
CVE-2017-9103 CRITICAL
adns < 1.5.2 - Memory Corruption via Uninitialized Stack Value in pap_mailbox822
CVSS 9.8
CVE-2017-9109 CRITICAL
adns < 1.5.2 - Heap-Based Buffer Overflow via Interleaved CNAME Answers
CVSS 9.8
CVE-2017-9108 HIGH
adns < 1.5.2 - Buffer Overflow via Missing Final Newline Handling
CVSS 7.5
CVE-2017-9107 HIGH
adns < 1.5.2 - Denial of Service via Backslash Domain Parsing
CVSS 7.5
CVE-2017-9106 HIGH
adns < 1.5.2 - Buffer Overflow via Integer Conversion in adns_rr_info
CVSS 7.5
CVE-2017-18662 HIGH
Samsung Mobile <M6.0,N7.x - Info Disclosure
CVSS 7.5
CVE-2017-18696 CRITICAL
Samsung Android M(6.0) and N(7.0) - Memory Corruption in RKP
CVSS 9.8
CVE-2017-5332 HIGH
icoutils <0.31.1 - Memory Corruption
CVSS 7.8
CVE-2017-5731 HIGH
Tianocore edk2 < 2017-11-07 - Authenticated Buffer Overflow in Tianocompress
CVSS 7.8
CVE-2017-14742 CRITICAL
LabF nfsAxe FTP client 3.7 - Remote Code Execution via Buffer Overflow
CVSS 9.8
CVE-2017-14202 HIGH
Zephyr Shell <1.14.0 - Memory Corruption
CVSS 7.8
CVE-2017-18379 CRITICAL
Linux Kernel 4.10-<4.14 - Out-of-Bounds Memory Access in NVMe FC Driver
CVSS 9.8
CVE-2017-13719 CRITICAL
Amcrest IPM-721S V2.420.AC00.17.R Stack Overflow via HTTP Auth Header
CVSS 9.8
CVE-2017-8416 HIGH
D-Link DCS-1100 and DCS-1130 - Unauthenticated Stack-Based Buffer Overflow via UDP Discovery Protocol
CVSS 8.8
CVE-2017-8412 HIGH
D-Link DCS-1100 and DCS-1130 Firmware - Stack Overflow via HTTP VERB Logging
CVSS 8.8
CVE-2017-8414 HIGH
D-Link DCS-1100 and DCS-1130 Firmware - Stack-Based Buffer Overflow via UPnP Command Line Parameter
CVSS 7.8
CVE-2017-8410 CRITICAL
D-Link DCS-1100 and DCS-1130 Firmware - Stack-Based Buffer Overflow via RTSP Authorization Header
CVSS 9.8
Details
Vulnerabilities 13,990
Exploit Likelihood High