CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-13090 HIGH
GNU Wget < 1.19.2 - Heap-Based Buffer Overflow via Negative Chunk Length
CVSS 8.8
CVE-2017-13089 HIGH
GNU Wget < 1.19.2 - Heap-Based Buffer Overflow via Negative Chunk Length
CVSS 8.8
CVE-2017-6163 MEDIUM
F5 BIG-IP 11.4.0-11.5.4, 11.6.0-11.6.1, 12.0.0-12.1.2 DoS via HTTP/2 or SPDY Stream Limit Bypass
CVSS 5.9
CVE-2017-6162 MEDIUM
F5 BIG-IP 11.2.1-12.1.2 DoS via TCP Traffic Processing
CVSS 5.9
CVE-2017-5122 HIGH
Google Chrome <61.0.3163.100 - Memory Corruption
CVSS 8.8
CVE-2017-5119 MEDIUM
Google Chrome <61.0.3163.79-61.0.3163.81 - Info Disclosure
CVSS 4.3
CVE-2017-5114 HIGH
Google Chrome <61.0.3163.79-61.0.3163.81 - Memory Corruption
CVSS 8.8
CVE-2017-5112 HIGH
Google Chrome <61.0.3163.79 - Buffer Overflow
CVSS 8.8
CVE-2017-5064 HIGH
Google Chrome <58.0.3029.81 - Heap Corruption
CVSS 8.8
CVE-2017-5052 HIGH
Google Chrome <57.0.2987.133-57.0.2987.132 - Memory Corruption
CVSS 8.8
CVE-2017-12705 HIGH
Advantech WebOP - Heap-Based Buffer Overflow via Maliciously Crafted Project File
CVSS 7.8
CVE-2017-13772 HIGH
TP-Link WR940N Hardware v4 - Authenticated Remote Code Execution via PingIframeRpm.htm or WanStaticIpV6CfgRpm.htm
CVSS 8.8
CVE-2017-14328 HIGH
Extreme EXOS <22.x - Buffer Overflow
CVSS 7.5
CVE-2017-7137 HIGH
Xcode < 8.3.3 - Remote Code Execution via Crafted Mach-O File
CVSS 7.8
CVE-2017-7136 HIGH
Xcode < 8.3.3 - Remote Code Execution via Crafted Mach-O File
CVSS 7.8
CVE-2017-7135 HIGH
Xcode < 8.3.3 - Remote Code Execution via Crafted Mach-O File
CVSS 7.8
CVE-2017-7134 HIGH
Xcode < 8.3.3 - Remote Code Execution via Crafted Mach-O File
CVSS 7.8
CVE-2017-7130 CRITICAL
iPhone OS < 10.3.3, macOS < 10.12.6, tvOS < 10.2.2, watchOS < 3.2.3 - Denial of Service in SQLite
CVSS 9.8
CVE-2017-7129 CRITICAL
iPhone OS < 10.3.3, macOS < 10.12.6, tvOS < 10.2.2, watchOS < 3.2.3 - Memory Corruption in SQLite
CVSS 9.8
CVE-2017-7128 CRITICAL
iPhone OS < 10.3.3, macOS < 10.12.6, tvOS < 10.2.2, watchOS < 3.2.3 - Denial of Service in SQLite
CVSS 9.8
CVE-2017-7127 HIGH
Apple <11 - RCE/DoS
CVSS 7.8
CVE-2017-7120 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7117 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7114 HIGH
iPhone OS < 10.3.3, macOS < 10.12.6, tvOS < 10.2.2, watchOS < 3.2.3 - Kernel Memory Corruption
CVSS 7.8
CVE-2017-7112 CRITICAL
iPhone OS < 10.3.3, tvOS < 10.2.2, watchOS < 3.2.3 - Remote Code Execution or Denial of Service via Wi-Fi
CVSS 9.8
Details
Vulnerabilities 13,993
Exploit Likelihood High