CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,992 vulnerabilities with CWE-119
CVE-2017-14890 HIGH
Qualcomm Android <2018-04-05 - Buffer Overflow
CVSS 7.3
CVE-2017-7172 HIGH
Apple <11.2, <10.13.2, <7.2, <12.7.2 - RCE/DoS
CVSS 7.8
CVE-2017-7171 HIGH
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
CVSS 7.8
CVE-2017-7167 HIGH
Xcode < 9.2 - Remote Code Execution via ld64 Buffer Overflow
CVSS 7.8
CVE-2017-7165 HIGH
Apple <11.2, <11.0.2, <7.2, <12.7.2 - RCE/DoS
CVSS 8.8
CVE-2017-7071 HIGH
Apple <10.1 - Remote Code Execution
CVSS 8.8
CVE-2017-7066 MEDIUM
iPhone OS < 10.3.3 and tvOS < 10.2.2 - Denial of Service in Wi-Fi Component
CVSS 6.5
CVE-2017-7065 HIGH
Apple <10.3.3, <10.12.6, <10.2.2 - RCE/DoS
CVSS 8.8
CVE-2017-7005 HIGH
Apple <10.3.2, <10.1.1, <10.2.1 - RCE
CVSS 8.8
CVE-2017-7002 HIGH
iPhone OS < 10.3.2 and macOS < 10.12.5 - Remote Code Execution via SQLite Memory Corruption
CVSS 8.8
CVE-2017-7001 HIGH
iPhone OS < 10.3.2 and macOS < 10.12.5 - Remote Code Execution in SQLite
CVSS 8.8
CVE-2017-7000 HIGH
iPhone OS < 10.3.2 and macOS < 10.12.5 - Remote Code Execution via SQLite Memory Corruption
CVSS 8.8
CVE-2017-13904 HIGH
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
CVSS 7.8
CVE-2017-13885 HIGH
Safari < 11.0.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-13884 HIGH
Apple <11.2, <11.0.2, <7.2, <12.7.2 - RCE/DoS
CVSS 8.8
CVE-2017-13854 HIGH
iPhone OS < 11.0 - Remote Code Execution or Denial of Service via Memory Corruption
CVSS 7.8
CVE-2017-13853 HIGH
macOS < 10.12.6 - Remote Code Execution in AppleGraphicsControl
CVSS 7.8
CVE-2017-13850 HIGH
Apple <10.12.6 - DoS/Info Disclosure
CVSS 7.1
CVE-2017-9723 HIGH
synaptics_dsx <2017-06-05 - Buffer Overflow
CVSS 7.8
CVE-2017-9694 HIGH
qcacld <2017-05-16 - Buffer Overflow
CVSS 7.8
CVE-2017-9693 MEDIUM
Android < 2017-06-06 - Memory Corruption
CVSS 5.5
CVE-2017-15823 HIGH
Android - Buffer Overflow in spectral_create_samp_msg()
CVSS 7.8
CVE-2017-14883 CRITICAL
Android <2017-10-18 - Buffer Overflow
CVSS 9.8
CVE-2017-14875 HIGH
Android for MSM <2017-05-23 - Heap Overread
CVSS 7.5
CVE-2017-14912 CRITICAL
Android <2018-01-05 - Info Disclosure
CVSS 9.8
Details
Vulnerabilities 13,992
Exploit Likelihood High