CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2017-8329 MEDIUM
Securifi Almond AL-R096 - Stack-Based Buffer Overflow via mssid_1 POST Parameter
CVSS 6.4
CVE-2017-8336 HIGH
Securifi Almond 2015 Firmware AL-R096 - Stack-Based Buffer Overflow via Gateway POST Parameter
CVSS 8.8
CVE-2017-8335 HIGH
Securifi Almond AL-R096 - Stack-Based Buffer Overflow via mssid_1 POST Parameter
CVSS 8.0
CVE-2017-10724 HIGH
Shekar Endoscope Camera Firmware - Remote Code Execution via UDP SETCMD Wi-Fi Password Length Overflow
CVSS 8.8
CVE-2017-10723 HIGH
Shekar Endoscope Camera Firmware - Remote Code Execution via UDP SETCMD Wi-Fi Name Length Overflow
CVSS 8.8
CVE-2017-10722 HIGH
Shekar Endoscope Camera Firmware - Stack Overflow via Wi-Fi Password Input
CVSS 7.8
CVE-2017-10720 HIGH
Shekar Endoscope Firmware - Stack Overflow via Wi-Fi Name Parameter
CVSS 7.8
CVE-2017-9392 HIGH
Vera VeraEdge <1.7.19, Veralite <1.7.481 - Info Disclosure
CVSS 8.8
CVE-2017-9391 HIGH
Vera VeraEdge <1.7.19, Veralite <1.7.481 - Code Injection
CVSS 8.8
CVE-2017-14854 CRITICAL
Orpak SiteOmat <2017-09-25 - Buffer Overflow
CVSS 9.1
CVE-2017-7777 HIGH
Firefox < 54.0 - Use-After-Free in Graphite2 GlyphCache Loader
CVSS 8.8
CVE-2017-7773 HIGH
Firefox < 54.0 - Heap-based Buffer Overflow in Graphite2 Decompressor
CVSS 8.8
CVE-2017-7772 HIGH
Firefox < 54.0 - Heap-based Buffer Overflow in Graphite2 lz4::decompress
CVSS 8.8
CVE-2017-14199 CRITICAL
Zephyr Project <1.9.0-1.10.0 - Buffer Overflow
CVSS 9.8
CVE-2017-16231 MEDIUM
PCRE 8.41 - Stack-Based Buffer Overflow in match() Function
CVSS 5.5
CVE-2017-12447 HIGH
gdk-pixbuf - Denial of Service via Crafted File Folder
CVSS 7.8
CVE-2017-18329 HIGH
Qualcomm Snapdragon Firmware - Buffer Overflow via RTP Packet Transmission
CVSS 7.8
CVE-2017-16909 HIGH
LibRaw < 0.18.6 - Heap-Based Buffer Overflow via Crafted TIFF Image
CVSS 8.8
CVE-2017-14888 HIGH
Android - Heap Buffer Overflow via IE Data Copy
CVSS 7.8
CVE-2017-18124 HIGH
Qualcomm Small Cell SoC, Snapdragon Automobile, Mobile, Wear - Memory Corruption via Secure Boot
CVSS 7.8
CVE-2017-18303 HIGH
Qualcomm Snapdragon Firmware - Buffer Overflow in Sensors Registry Configuration
CVSS 7.8
CVE-2017-18295 HIGH
Qualcomm Multiple Chipsets Firmware - Buffer Overflow in DSP Service Module
CVSS 7.8
CVE-2017-18283 MEDIUM
Qualcomm Snapdragon Mobile Firmware - Memory Corruption via Invalid Read Val Blob Request Parameters
CVSS 6.5
CVE-2017-18171 HIGH
Qualcomm Snapdragon and QCA9379 Firmware - Memory Corruption via Bluetooth GATT Data Packet
CVSS 8.8
CVE-2017-7908 HIGH
Gigasoft ProEssentials < 5 - Heap-Based Buffer Overflow via ActiveX Control
CVSS 7.6
Details
Vulnerabilities 13,990
Exploit Likelihood High