CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,992 vulnerabilities with CWE-119
CVE-2017-5464 CRITICAL
Debian Linux < 53.0 - Memory Corruption
CVSS 9.8
CVE-2017-5459 CRITICAL
Redhat Enterprise Linux Desktop < 45.9.0 - Memory Corruption
CVSS 9.8
CVE-2017-5444 HIGH
Debian Linux < 45.9.0 - Memory Corruption
CVSS 7.5
CVE-2017-5430 CRITICAL
Firefox <53 - Memory Corruption
CVSS 9.8
CVE-2017-5429 CRITICAL
Firefox <53 - Memory Corruption
CVSS 9.8
CVE-2017-5413 CRITICAL
Firefox < 52.0 - Use-After-Free in Bidirectional Layout Operations
CVSS 9.8
CVE-2017-5412 HIGH
Firefox < 52.0 - Buffer Overflow Read during SVG Filter Color Value Operations
CVSS 7.5
CVE-2017-5410 CRITICAL
Firefox < 52 - Memory Corruption
CVSS 9.8
CVE-2017-5406 HIGH
Firefox < 52.0 - Use-After-Free in Skia Graphics Library
CVSS 7.5
CVE-2017-5400 CRITICAL
Firefox < 52, Thunderbird < 52 - Memory Corruption
CVSS 9.8
CVE-2017-5399 CRITICAL
Firefox < 52.0 - Memory Corruption
CVSS 9.8
CVE-2017-5398 CRITICAL
Thunderbird <45.7 - Memory Corruption
CVSS 9.8
CVE-2017-5392 CRITICAL
Firefox < 51.0 - Memory Corruption via Weak Proxy Object Handling
CVSS 9.8
CVE-2017-5377 CRITICAL
Firefox < 51.0 - Memory Corruption in Skia Gradient Transforms
CVSS 9.8
CVE-2017-5375 CRITICAL
Thunderbird <45.7, Firefox ESR <45.7, Firefox <51 - Memory Corruption
CVSS 9.8
CVE-2017-5374 CRITICAL
Firefox < 51.0 - Memory Corruption and Remote Code Execution
CVSS 9.8
CVE-2017-5373 CRITICAL
Firefox < 51 and Firefox ESR < 45.7 - Memory Corruption
CVSS 9.8
CVE-2017-18154 HIGH
Android - Memory Corruption via Crafted Binder Request
CVSS 7.8
CVE-2017-18269 CRITICAL
glibc 2.21-2.27 - Memory Corruption via SSE2-optimized memmove Overlap Check
CVSS 9.8
CVE-2017-15855 HIGH
Qualcomm Android MSM Firefox OS and QRD Android - Kernel Buffer Overflow via Camera CPP Module
CVSS 7.8
CVE-2017-6289 HIGH
Android - Memory Corruption in NVIDIA Trusted Execution Environment
CVSS 7.8
CVE-2017-17314 LOW
Huawei DP300, RP200, TE30, TE40, TE50, TE60 Firmware - Unauthenticated Buffer Overflow via Malformed SCCP Messages
CVSS 3.7
CVE-2017-17557 HIGH
Foxit Reader and PhantomPDF < 9.1 - Heap-Based Buffer Overflow via BMP BITMAPINFOHEADER Parsing
CVSS 8.8
CVE-2017-14450 HIGH
SDL_image - Buffer Overflow in GIF Image Parsing
CVSS 7.1
CVE-2017-14442 HIGH
SDL_image - Stack Overflow and Remote Code Execution via BMP Image Rendering
CVSS 8.8
Details
Vulnerabilities 13,992
Exploit Likelihood High