CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2017-1085 HIGH
FreeBSD < 11.2 - Arbitrary Code Execution via setrlimit() Stack Memory Permissions
CVSS 7.8
CVE-2017-1084 HIGH
FreeBSD < 11.2 - Stack-Based Buffer Overflow via Stack Guard-Page Bypass
CVSS 7.5
CVE-2017-1083 HIGH
FreeBSD < 11.2 - Stack-Based Buffer Overflow via Disabled Stack Guard-Page
CVSS 7.5
CVE-2017-2795 HIGH
MarkLogic 8.0-6 - Heap Corruption via Crafted XLS File in Txo Functionality
CVSS 8.3
CVE-2017-2792 HIGH
MarkLogic 8.0-6 - Heap Corruption via Crafted XLS File in iBldDirInfo
CVSS 8.3
CVE-2017-15406 HIGH
Google Chrome < 62.0.3202.75 - Stack Buffer Overflow in V8 via Crafted HTML Page
CVSS 8.8
CVE-2017-15398 CRITICAL
Google Chrome < 62.0.3202.89 - Remote Code Execution via QUIC Stack Buffer Overflow
CVSS 9.8
CVE-2017-15396 MEDIUM
Google Chrome < 62.0.3202.75 - Remote Code Execution via Stack Buffer Overflow in ICU NumberingSystem
CVSS 6.5
CVE-2017-15418 MEDIUM
Chrome < 63.0.3239.84 - Information Disclosure via Uninitialized Memory in Skia
CVSS 4.3
CVE-2017-15417 MEDIUM
Google Chrome < 63.0.3239.84 - Cross-Origin Data Leak via Skia Canvas Composite Operations
CVSS 5.3
CVE-2017-15416 MEDIUM
Redhat Enterprise Linux Desktop < 63.0.3239.84 - Memory Corruption
CVSS 6.5
CVE-2017-15415 MEDIUM
Debian Linux < 63.0.3239.84 - Memory Corruption
CVSS 6.5
CVE-2017-15409 HIGH
Google Chrome < 63.0.3239.84 - Heap Buffer Overflow in Skia via Crafted HTML Page
CVSS 8.8
CVE-2017-15408 HIGH
Google Chrome < 63.0.3239.84 - Heap Buffer Overflow in Omnibox via Crafted PDF File
CVSS 8.8
CVE-2017-11563 CRITICAL
D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 - RCE
CVSS 9.8
CVE-2017-14452 HIGH
Insteon Hub <1012 - Buffer Overflow
CVSS 8.5
CVE-2017-14455 HIGH
Insteon Hub 2245-222 <1012 - Buffer Overflow
CVSS 8.5
CVE-2017-14453 HIGH
Insteon Hub 2245-222 - Buffer Overflow
CVSS 8.5
CVE-2017-2575 MEDIUM
libbpg 0.9.7 - NULL Pointer Dereference in BPG Encoder
CVSS 6.5
CVE-2017-9003 HIGH
ArubaOS - Memory Corruption and Possible Remote Code Execution
CVSS 7.5
CVE-2017-14447 HIGH
Insteon Hub <1012 - Buffer Overflow
CVSS 8.5
CVE-2017-14444 CRITICAL
Insteon Hub <1012 - Buffer Overflow
CVSS 9.9
CVE-2017-15101 HIGH
liblouis < 2.5.4 - Stack-Based Buffer Overflow in findTable()
CVSS 7.8
CVE-2017-2634 HIGH
Linux Kernel < 2.6.22.17 - Memory Corruption in DCCP IPv6 Header Handling
CVSS 7.5
CVE-2017-2630 MEDIUM
QEMU < 2.9 - Stack Buffer Overflow via NBD_OPT_LIST Response Processing
CVSS 5.5
Details
Vulnerabilities 13,990
Exploit Likelihood High