CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-2714 HIGH
FusionSphere OpenStack <= V100R005C10SPC705 - Authenticated Buffer Overflow in GaussDB
CVSS 8.0
CVE-2017-2698 HIGH
Huawei P8 Firmware < GRA-UL00C00B197 - Authenticated Buffer Overflow in ddr_devfreq Driver
CVSS 7.8
CVE-2017-2697 HIGH
Huawei GT3 Firmware < NMO-L31C432B120 - Buffer Overflow in Goldeneye Driver
CVSS 7.8
CVE-2017-2696 HIGH
Huawei Y6II Firmware <= CAM-L21C10B130 and <= CAM-L21C185B141 - Authenticated Buffer Overflow in emerg_data Driver
CVSS 7.8
CVE-2017-5712 HIGH
Intel Manageability Engine Firmware 8.x-11.20 - Authenticated Buffer Overflow in Active Management Technology
CVSS 7.2
CVE-2017-5711 HIGH
Intel Manageability Engine Firmware 8.x-11.20 - Buffer Overflow
CVSS 7.8
CVE-2017-5707 HIGH
Intel Trusted Execution Engine Firmware 3.0 - Buffer Overflow
CVSS 7.8
CVE-2017-5706 HIGH
Intel Server Platform Services Firmware 4.0 - Buffer Overflow
CVSS 7.8
CVE-2017-5705 HIGH
Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 - Buffer Overflow
CVSS 7.8
CVE-2017-16902 HIGH
Vonage VDV-23 115 <3.2.11-0.9.40 - DoS
CVSS 7.5
CVE-2017-16898 MEDIUM
libming < 0.4.8 - Denial of Service via Crafted MP3 File
CVSS 5.5
CVE-2017-1000127 MEDIUM
Exiv2 0.26 - Heap Buffer Overflow in TIFF Parser
CVSS 5.5
CVE-2017-1000206 CRITICAL
samtools htslib <1.4.0 - Buffer Overflow
CVSS 9.8
CVE-2017-4934 HIGH
VMware Workstation/Fusion <12.5.8/<8.5.9 - Buffer Overflow
CVSS 8.8
CVE-2017-16872 CRITICAL
PJSIP <2.7.1 - Buffer Overflow
CVSS 9.8
CVE-2017-16869 HIGH
UPX 3.94 - Denial of Service via Crafted Mach-O File
CVSS 7.8
CVE-2017-1000198 HIGH
tcmu-runner 0.9.0-1.2.0 - Denial of Service via Invalid Memory Reference in handler_glfs.so
CVSS 7.5
CVE-2017-1000210 CRITICAL
picoTCP <1.7.0-1.5.0 - Buffer Overflow
CVSS 9.8
CVE-2017-1000187 HIGH
SWFTools - Buffer Overflow in FoFiTrueType::writeTTF()
CVSS 7.8
CVE-2017-1000186 MEDIUM
SWFTools - Stack Overflow in pdf2swf
CVSS 5.5
CVE-2017-1000185 MEDIUM
SWFTools - Buffer Overflow in gif2swf via memcpy
CVSS 5.5
CVE-2017-1000176 MEDIUM
SWFTools - Buffer Overflow via memcpy in swfc
CVSS 5.5
CVE-2017-1000174 MEDIUM
SWFTools - Memory Corruption in swfdump swf_GetBits()
CVSS 5.5
CVE-2017-1000218 CRITICAL
LightFTP 1.1 - Buffer Overflow in writelogentry Function
CVSS 9.8
CVE-2017-0842 HIGH
Android <8.0 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 13,993
Exploit Likelihood High