CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,992 vulnerabilities with CWE-119
CVE-2017-17849 CRITICAL
GetGo Download Manager < 5.3.0.2712 - Remote Code Execution via Long HTTP Response
CVSS 9.8
CVE-2017-17840 HIGH
open-iscsi < 2.0.875 - Buffer Overflow via Unvalidated Payload Length in iscsid_ipc
CVSS 7.8
CVE-2017-16996 HIGH
Linux kernel <4.14.8 - Memory Corruption
CVSS 7.8
CVE-2017-16995 HIGH
Linux BPF Sign Extension Local Privilege Escalation
CVSS 7.8
CVE-2017-13883 HIGH
macOS < 10.13.2 - Remote Code Execution in Intel Graphics Driver
CVSS 7.8
CVE-2017-13879 HIGH
iPhone OS < 11.2 - Remote Code Execution or Denial of Service in IOMobileFrameBuffer
CVSS 7.8
CVE-2017-13876 HIGH
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
CVSS 7.8
CVE-2017-13870 HIGH
Safari < 11.0.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2017-13867 HIGH
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
CVSS 7.8
CVE-2017-13866 HIGH
Safari < 11.0.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2017-13862 HIGH
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
CVSS 7.8
CVE-2017-13861 HIGH
Safari Webkit Proxy Object Type Confusion
CVSS 7.8
CVE-2017-13856 HIGH
Safari < 11.0.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2017-13847 HIGH
iPhone OS < 11.2 and macOS < 10.13.2 - Memory Corruption in IOKit
CVSS 7.8
CVE-2017-15311 HIGH
Huawei Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Firmware - Stack Overflow via Malicious Baseband Packets
CVSS 8.8
CVE-2017-10869 HIGH
DeNA H2O < 2.2.2 - Memory Corruption
CVSS 7.5
CVE-2017-17033 CRITICAL
QNAP QTS <4.3.4.0387 - Buffer Overflow
CVSS 9.8
CVE-2017-17032 CRITICAL
QNAP QTS <4.3.4.0387 - Buffer Overflow
CVSS 9.8
CVE-2017-17031 CRITICAL
QNAP QTS Buffer Overflow in Password Function
CVSS 9.8
CVE-2017-17030 CRITICAL
QNAP QTS <4.3.4.0387 - Buffer Overflow
CVSS 9.8
CVE-2017-17029 CRITICAL
QNAP QTS Remote Code Execution via Login Buffer Overflow
CVSS 9.8
CVE-2017-17028 CRITICAL
QNAP QTS - Buffer Overflow in External Device Function
CVSS 9.8
CVE-2017-17027 CRITICAL
QNAP QTS <4.3.4.0387 - Buffer Overflow
CVSS 9.8
CVE-2017-17821 CRITICAL
Safari - Buffer Overflow in WTF FastBitVector
CVSS 9.8
CVE-2017-17811 MEDIUM
Netwide Assembler 2.14rc0 - Denial of Service via Heap-Based Buffer Overflow in paste_tokens
CVSS 5.5