CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,990 vulnerabilities with CWE-119
CVE-2017-3223 CRITICAL
Dahua IP Camera Firmware < v2.400.0000.14 - Unauthenticated Stack Buffer Overflow via Web Interface
CVSS 9.8
CVE-2017-7467 HIGH
minicom < 2.7.1 - Buffer Overflow via VT100 Escape Sequence Handling
CVSS 7.0
CVE-2017-18158 HIGH
Android - Buffer Overflow and Array Out of Bounds Access while Flashing Images
CVSS 7.8
CVE-2017-17317 LOW
Huawei USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60 - Buffer Overflow via COPS Module
CVSS 3.7
CVE-2017-2668 MEDIUM
389 Directory Server < 1.3.5.17 - Unauthenticated Denial of Service via LDAP Bind Request
CVSS 6.5
CVE-2017-18070 HIGH
Android - Heap Overflow in wma_ndp_end_response_event_handler()
CVSS 7.8
CVE-2017-15854 HIGH
Android - Buffer Overflow in wma_radio_chan_stats_event_handler()
CVSS 7.8
CVE-2017-7845 HIGH
Firefox < 52.5.2 - Buffer Overflow in ANGLE Graphics Library
CVSS 8.8
CVE-2017-7827 CRITICAL
Firefox < 57 - Memory Corruption and Remote Code Execution
CVSS 9.8
CVE-2017-7826 CRITICAL
Debian Linux < 57.0 - Memory Corruption
CVSS 9.8
CVE-2017-7824 CRITICAL
Redhat Enterprise Linux Aus < 52.4.0 - Memory Corruption
CVSS 9.8
CVE-2017-7811 CRITICAL
Firefox < 56.0 - Memory Corruption
CVSS 9.8
CVE-2017-7810 CRITICAL
Debian Linux < 56.0 - Memory Corruption
CVSS 9.8
CVE-2017-7792 CRITICAL
Debian Linux < 52.3.0 - Memory Corruption
CVSS 9.8
CVE-2017-7786 CRITICAL
Debian Linux < 52.1.0 - Memory Corruption
CVSS 9.8
CVE-2017-7785 CRITICAL
Debian Linux < 52.3.0 - Memory Corruption
CVSS 9.8
CVE-2017-7780 CRITICAL
Firefox < 55.0 - Memory Corruption
CVSS 9.8
CVE-2017-7779 CRITICAL
Debian Linux < 55.0 - Memory Corruption
CVSS 9.8
CVE-2017-7778 CRITICAL
Firefox < 54 and Firefox ESR < 52.2 - Multiple Memory Corruption Vulnerabilities in Graphite 2 Library
CVSS 9.8
CVE-2017-5471 CRITICAL
Firefox < 54.0 - Memory Corruption and Potential Remote Code Execution
CVSS 9.8
CVE-2017-5470 CRITICAL
Debian Linux < 54.0 - Memory Corruption
CVSS 9.8
CVE-2017-5469 CRITICAL
Debian Linux < 45.9.0 - Memory Corruption
CVSS 9.8
CVE-2017-5467 HIGH
Redhat Enterprise Linux Desktop < 53.0 - Memory Corruption
CVSS 7.5
CVE-2017-5464 CRITICAL
Debian Linux < 53.0 - Memory Corruption
CVSS 9.8
CVE-2017-5459 CRITICAL
Redhat Enterprise Linux Desktop < 45.9.0 - Memory Corruption
CVSS 9.8
Details
Vulnerabilities 13,990
Exploit Likelihood High