CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,992 vulnerabilities with CWE-119
CVE-2017-1000437 CRITICAL
Creolabs Gravity 1.0 - Buffer Overflow
CVSS 9.8
CVE-2017-1000430 CRITICAL
rust-base64 <=0.5.1 - Buffer Overflow
CVSS 9.8
CVE-2017-1000456 HIGH
libpoppler 0.60.1 - Buffer Overflow
CVSS 8.8
CVE-2017-1000418 HIGH
WildMIDI < 0.4.1 - Heap-Based Buffer Overflow via Crafted File
CVSS 7.8
CVE-2017-17760 MEDIUM
OpenCV 3.3.1 - Buffer Overflow in cv::PxMDecoder::readData
CVSS 6.5
CVE-2017-17968 CRITICAL
NetTransport Download Manager < 2.96l - Remote Code Execution via Long HTTP Response
CVSS 9.8
CVE-2017-17932 CRITICAL
ALLPlayer ALLMediaServer <= 0.95 - Remote Code Execution via TCP Port 888 Buffer Overflow
CVSS 9.8
CVE-2017-11698 HIGH
Mozilla Network Security Services - Heap-Based Buffer Overflow in __get_page Function
CVSS 7.8
CVE-2017-11697 HIGH
Mozilla Network Security Services - Denial of Service via Crafted cert8.db File
CVSS 7.8
CVE-2017-11696 HIGH
Mozilla Network Security Services - Heap-based Buffer Overflow in __hash_open Function
CVSS 7.8
CVE-2017-11695 HIGH
Mozilla Network Security Services - Heap-based Buffer Overflow in alloc_segs Function
CVSS 7.8
CVE-2017-7163 HIGH
macOS < 10.13.2 - Memory Corruption in Intel Graphics Driver
CVSS 7.8
CVE-2017-7162 HIGH
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
CVSS 7.8
CVE-2017-7160 HIGH
Safari < 11.0.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2017-7159 HIGH
macOS < 10.13.2 - Remote Code Execution in IOAcceleratorFamily
CVSS 7.8
CVE-2017-7158 MEDIUM
Apple <10.13.2 - Privilege Escalation
CVSS 6.5
CVE-2017-7157 HIGH
Apple <11.2 - Remote Code Execution
CVSS 8.8
CVE-2017-7156 HIGH
Safari < 11.0.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2017-7155 HIGH
macOS < 10.13.2 - Remote Code Execution in Intel Graphics Driver
CVSS 7.8
CVE-2017-17866 HIGH
Artifex MuPDF < 1.12.0 - Buffer Overflow via Crafted PDF Document
CVSS 7.8
CVE-2017-17857 HIGH
Linux Kernel 4.14-4.14.8 - Memory Corruption via BPF Verifier Stack Boundary Check
CVSS 7.8
CVE-2017-17856 HIGH
Linux Kernel < 4.14.9 - Memory Corruption via BPF Verifier Stack-Pointer Misalignment
CVSS 7.8
CVE-2017-17855 HIGH
Linux Kernel < 4.14.9 - Memory Corruption via BPF Verifier Pointer Handling
CVSS 7.8
CVE-2017-17853 HIGH
Linux Kernel 4.14-4.14.8 - Memory Corruption via BPF Verifier Signed Bounds Miscalculations
CVSS 7.8
CVE-2017-17852 HIGH
Linux Kernel 4.14-4.14.8 - Memory Corruption via BPF Verifier 32-bit ALU Operations
CVSS 7.8
Details
Vulnerabilities 13,992
Exploit Likelihood High