CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-17130 HIGH
Libav 12.2 - Heap-Based Buffer Overflow in ff_free_picture_tables
CVSS 8.8
CVE-2017-17128 MEDIUM
Libav 12.2 - Denial of Service via Crafted H.264 File
CVSS 6.5
CVE-2017-17126 HIGH
GNU Binutils - Denial of Service via Malformed ELF File
CVSS 7.8
CVE-2017-17124 HIGH
GNU Binutils - Heap-Based Buffer Overflow in COFF String Table Parsing
CVSS 7.8
CVE-2017-17121 HIGH
GNU Binutils - Denial of Service via COFF Binary Relocation Handling
CVSS 7.8
CVE-2017-17114 HIGH
IKARUS anti-virus <2.16.15 - Memory Corruption
CVSS 7.8
CVE-2017-17112 HIGH
IKARUS anti-virus <2.16.15 - Memory Corruption
CVSS 7.8
CVE-2017-17099 HIGH
Flexense SyncBreeze Enterprise <10.1.16 - Buffer Overflow
CVSS 7.8
CVE-2017-8821 HIGH
Tor < 0.2.5.16, 0.2.6-0.2.8 < 0.2.8.17, 0.2.9 < 0.2.9.14, 0.3.0 < 0.3.0.13, 0.3.1 < 0.3.1.9 - DoS via Crafted PEM Input
CVSS 7.5
CVE-2017-17095 HIGH
LibTIFF 4.0.9 - Heap-Based Buffer Overflow in pal2rgb
CVSS 8.8
CVE-2017-10901 HIGH
Princeton PTW-WMS1 Firmware 2.000.012 - Denial of Service via Buffer Overflow
CVSS 7.5
CVE-2017-11282 CRITICAL
Adobe Flash Player < 26.0.0.151 - Memory Corruption in MP4 Atom Parser
CVSS 9.8
CVE-2017-11281 CRITICAL
Adobe Flash Player < 26.0.0.151 - Memory Corruption in Text Handling
CVSS 9.8
CVE-2017-12372 CRITICAL
Cisco WebEx Network Recording Player - RCE
CVSS 9.6
CVE-2017-12371 CRITICAL
Cisco WebEx Network Recording Player - RCE
CVSS 9.6
CVE-2017-12370 CRITICAL
Cisco WebEx Network Recording Player - RCE
CVSS 9.6
CVE-2017-12369 CRITICAL
Cisco WebEx Network Recording Player - Buffer Overflow
CVSS 9.6
CVE-2017-12368 CRITICAL
Cisco WebEx Network Recording Player - RCE
CVSS 9.6
CVE-2017-12367 CRITICAL
Cisco WebEx Network Recording Player - DoS
CVSS 9.6
CVE-2017-12359 MEDIUM
Cisco WebEx Network Recording Player - Buffer Overflow
CVSS 6.5
CVE-2017-8818 CRITICAL
curl and libcurl < 7.57.0 - Denial of Service via Memory Allocation Error
CVSS 9.8
CVE-2017-8020 CRITICAL
EMC ScaleIO 2.0.1.x - Unauthenticated Remote Code Execution via SDBG Service Buffer Overflow
CVSS 9.8
CVE-2017-15275 HIGH
Samba 3.6.0-4.5.14 - Information Disclosure via Heap Memory Exposure
CVSS 7.5
CVE-2017-14586 CRITICAL
Hipchat for Mac 4.0-4.30 - Remote Code Execution via Video Call Link Parsing
CVSS 9.8
CVE-2017-16938 HIGH
OptiPNG 0.7.6 - Buffer Overflow in LZWReadByte Function
CVSS 7.8