CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-7111 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7110 CRITICAL
iPhone OS < 10.3.3, tvOS < 10.2.2, watchOS < 3.2.3 - Remote Code Execution or Denial of Service via Wi-Fi Traffic
CVSS 9.8
CVE-2017-7108 CRITICAL
iPhone OS < 10.3.3, tvOS < 10.2.2, watchOS < 3.2.3 - RCE or DoS via Crafted Wi-Fi Traffic
CVSS 9.8
CVE-2017-7107 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7105 CRITICAL
iPhone OS < 10.3.3, tvOS < 10.2.2, watchOS < 3.2.3 - Remote Code Execution or Denial of Service via Wi-Fi Traffic
CVSS 9.8
CVE-2017-7104 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7103 CRITICAL
iPhone OS < 10.3.3, tvOS < 10.2.2, watchOS < 3.2.3 - Remote Code Execution or Denial of Service via Wi-Fi Component
CVSS 9.8
CVE-2017-7102 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7100 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7099 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7098 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7097 MEDIUM
iPhone OS < 10.3.3 - Denial of Service via Crafted Image in Mail MessageUI
CVSS 5.5
CVE-2017-7096 HIGH
Apple Products <11 - Memory Corruption
CVSS 8.8
CVE-2017-7095 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7094 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7093 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7092 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7091 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7087 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7081 HIGH
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-7077 HIGH
macOS < 10.12.6 - Memory Corruption in IOFireWireFamily
CVSS 7.8
CVE-2017-7076 HIGH
macOS < 10.12.6 - Remote Code Execution via Crafted Mach-O File
CVSS 7.8
CVE-2017-15804 CRITICAL
glibc < 2.26 - Buffer Overflow in glob Function via User Name Unescaping
CVSS 9.8
CVE-2017-15789 HIGH
XnView Classic 2.43 - Remote Code Execution via Crafted DWG File
CVSS 7.8
CVE-2017-15788 HIGH
XnView Classic 2.43 - Remote Code Execution via Crafted DWG File
CVSS 7.8
Details
Vulnerabilities 13,993
Exploit Likelihood High