CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-9721 HIGH
Android for MSM - Buffer Overflow in Boot Loader Splash Image Parser
CVSS 7.8
CVE-2017-9719 HIGH
Android for MSM, Firefox OS for MSM, QRD Android - Buffer Overflow in HDMI CEC Parsing
CVSS 7.8
CVE-2017-9696 HIGH
Android for MSM - Buffer Over-Read in Camera Driver msm_isp_stop_stats_stream
CVSS 7.5
CVE-2017-11085 HIGH
Android for MSM - Buffer Overflow in msm_audio_effects_virtualizer_handler
CVSS 7.8
CVE-2017-11029 HIGH
Android for MSM - Kernel Buffer Overflow in Camera CPP Module
CVSS 7.8
CVE-2017-11018 HIGH
Android for MSM - Memory Corruption in Camera Driver
CVSS 7.8
CVE-2017-11017 HIGH
Android for MSM - Memory Corruption via Crafted UBI Image
CVSS 7.8
CVE-2017-0866 HIGH
NVIDIA Tegra X1 Firmware - Memory Corruption via Unchecked Userspace Pointer
CVSS 7.8
CVE-2017-16844 CRITICAL
procmail 3.22 - Heap-based Buffer Overflow in loadbuf Function
CVSS 9.8
CVE-2017-8807 CRITICAL
Varnish HTTP Cache 4.1.x < 4.1.9 and 5.x < 5.2.1 - Information Disclosure via VFP_GetStorage Buffer Handling
CVSS 9.1
CVE-2017-16827 HIGH
GNU Binutils - Denial of Service via Crafted ELF File in aout_get_external_symbols
CVSS 7.8
CVE-2017-16826 HIGH
GNU Binutils - Denial of Service via Crafted PE File in coff_slurp_line_table
CVSS 7.8
CVE-2017-11884 HIGH
Microsoft Excel 2016 C2R - Code Injection
CVSS 7.8
CVE-2017-11882 HIGH KEV
Microsoft Office CVE-2017-11882
CVSS 7.8
CVE-2017-11878 HIGH
Microsoft Excel <2016 - Memory Corruption
CVSS 7.8
CVE-2017-11873 HIGH
ChakraCore and Microsoft Edge - Privilege Escalation
CVSS 7.5
CVE-2017-11871 HIGH
ChakraCore and Microsoft Edge - Privilege Escalation
CVSS 7.5
CVE-2017-11870 HIGH
ChakraCore and Microsoft Edge - Privilege Escalation
CVSS 7.5
CVE-2017-11869 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.5
CVE-2017-11866 HIGH
ChakraCore and Microsoft Edge - Privilege Escalation
CVSS 7.5
CVE-2017-11862 HIGH
ChakraCore and Microsoft Edge - Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-11861 HIGH
Microsoft Edge - Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-11858 HIGH
Microsoft Browsers - Privilege Escalation
CVSS 7.5
CVE-2017-11856 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.5
CVE-2017-11855 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.5
Details
Vulnerabilities 13,993
Exploit Likelihood High