CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,992 vulnerabilities with CWE-119
CVE-2017-14385 HIGH
EMC Data Domain DD OS 5.7-6.1 - Unauthenticated Remote Code Execution via SMBv1 Memory Overflow
CVSS 7.5
CVE-2017-16725 CRITICAL
Xiongmai Technology IP Cameras & DVRs - Buffer Overflow
CVSS 9.8
CVE-2017-16717 HIGH
WECON LeviStudio HMI - Buffer Overflow
CVSS 8.6
CVE-2017-4941 HIGH
VMware Fusion 8.0.0-8.5.8 & Workstation 12.0.0-12.5.7 - Remote Code Execution via VNC
CVSS 8.8
CVE-2017-17088 HIGH
SyncBreeze < 10.2.12 - Denial of Service via Host Header Buffer Overflow
CVSS 7.5
CVE-2017-15048 HIGH
Zoom < 2.0.115900.1201 - Remote Code Execution via zoommtg:// Scheme Handler
CVSS 8.8
CVE-2017-17740 HIGH
OpenLDAP < 2.4.45 - Denial of Service via Member MODDN Operation
CVSS 7.5
CVE-2017-3196 HIGH
PCAUSA Rawether - Local Privilege Escalation via BPF Program Memory Corruption
CVSS 7.8
CVE-2017-3195 CRITICAL
Commvault Edge < 11 SP7 or 11 SP6 < Hotfix 590 - Stack-Based Buffer Overflow
CVSS 9.8
CVE-2017-3193 HIGH
D-Link DIR-850L Firmware 1.14B07 and 2.07.B05 - Stack-based Buffer Overflow in HNAP Service
CVSS 8.8
CVE-2017-17684 HIGH
Panda Global Protection 17.0.1 - Denial of Service via PSMEMDriver DeviceIoControl Request
CVSS 7.5
CVE-2017-17683 HIGH
Panda Global Protection 17.0.1 - Denial of Service via PSMEMDriver DeviceIoControl Request
CVSS 7.5
CVE-2017-17664 MEDIUM
Asterisk 13.x < 13.18.4, 14.x < 14.7.4, 15.x < 15.1.4 - Remote DoS via RTCP Packet Processing
CVSS 5.9
CVE-2017-17563 HIGH
Xen < 4.9.1 - Denial of Service and Privilege Escalation via Shadow Mode Reference-Count Overflow
CVSS 7.8
CVE-2017-11935 HIGH
Microsoft Office 2016 Click-to-Run (C2R) - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-11930 HIGH
Microsoft Windows <10.0 - Code Injection
CVSS 7.5
CVE-2017-11918 HIGH
ChakraCore and Microsoft Edge - Privilege Escalation
CVSS 7.5
CVE-2017-11916 HIGH
ChakraCore < 1.7.5 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-11914 HIGH
ChakraCore and Microsoft Edge - Privilege Escalation
CVSS 7.5
CVE-2017-11913 HIGH
Internet Explorer - Memory Corruption
CVSS 7.5
CVE-2017-11912 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.5
CVE-2017-11911 HIGH
ChakraCore & Windows - Memory Corruption
CVSS 7.5
CVE-2017-11910 HIGH
ChakraCore and Windows - Memory Corruption
CVSS 7.5
CVE-2017-11909 HIGH
ChakraCore and Windows 10/Server - Memory Corruption
CVSS 7.5
CVE-2017-11908 HIGH
ChakraCore & Windows 10 1709 - Memory Corruption
CVSS 7.5
Details
Vulnerabilities 13,992
Exploit Likelihood High