CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-15802 HIGH
XnView Classic 2.43 - Denial of Service via Crafted DLL Icon Rendering
CVSS 7.8
CVE-2017-15801 HIGH
XnView Classic 2.43 - Denial of Service via Crafted DLL Icon Rendering
CVSS 7.8
CVE-2017-15670 CRITICAL
glibc < 2.26 - Heap-Based Buffer Overflow in glob Function via Home Directory Processing
CVSS 9.8
CVE-2017-15650 HIGH
musl libc < 1.1.17 - Buffer Overflow via Crafted DNS Reply
CVSS 7.5
CVE-2017-12293 HIGH
Cisco WebEx Meetings Server - Unauthenticated Denial of Service via Connection Exhaustion
CVSS 8.6
CVE-2017-12260 HIGH
Cisco Small Business SPA50x/51x/52x IP Phones < 7.6.2 - DoS via SIP Request
CVSS 7.5
CVE-2017-12259 HIGH
Cisco Small Business SPA51x Series IP Phones < 7.6.2SR1 - Denial of Service via Malformed SIP Messages
CVSS 7.5
CVE-2017-15601 HIGH
GNU Libextractor 1.4 - Heap-Based Buffer Overflow in PNG iTXt Chunk Processing
CVSS 7.5
CVE-2017-8022 HIGH
EMC NetWorker < 8.2.4.9, 9.0.x, < 9.1.1.3, < 9.2.0.4 - Remote Code Execution via Buffer Overflow in nsrd
CVSS 8.1
CVE-2017-13999 CRITICAL
WECON LEVI Studio HMI Editor <1.8.1 - Buffer Overflow
CVSS 9.8
CVE-2017-6273 HIGH
NVIDIA ADSP Firmware - Buffer Overflow in ADSP Loader
CVSS 7.8
CVE-2017-15385 HIGH
radare2 2.0.0 - Denial of Service via Crafted ELF File
CVSS 7.8
CVE-2017-15221 HIGH
ASX to MP3 Converter 3.1.3.7.2010.11.05 - Buffer Overflow via Crafted M3U File
CVSS 7.8
CVE-2017-15372 MEDIUM
Sound eXchange 14.4.2 - Stack-Based Buffer Overflow in ADPCM Block Expansion
CVSS 5.5
CVE-2017-15370 MEDIUM
Sound eXchange 14.4.2 - Heap-Based Buffer Overflow in ImaExpandS Function
CVSS 5.5
CVE-2017-8727 HIGH
Windows Text Services Framework - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8726 MEDIUM
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 4.3
CVE-2017-8718 HIGH
Microsoft JET Database Engine - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-8717 HIGH
Microsoft JET Database Engine - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-8703 MEDIUM
Windows Subsystem for Linux on Windows 10 1703 - Denial of Service via Memory Handling
CVSS 5.5
CVE-2017-11826 HIGH KEV
Microsoft Office - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-11825 HIGH
Microsoft Office 2016 Click-to-Run and for Mac - Remote Code Execution via Crafted File
CVSS 7.8
CVE-2017-11822 HIGH
Microsoft Windows - Memory Corruption
CVSS 7.5
CVE-2017-11821 HIGH
ChakraCore & Microsoft Edge in Windows 10 1703 - Memory Corruption
CVSS 7.5
CVE-2017-11819 HIGH
Microsoft Windows 7 SP1 - Remote Code Execution via Memory Corruption
CVSS 7.5
Details
Vulnerabilities 13,993
Exploit Likelihood High