CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-11813 HIGH
Microsoft Windows < - Memory Corruption
CVSS 7.5
CVE-2017-11812 HIGH
ChakraCore and Microsoft Edge - Memory Corruption
CVSS 7.5
CVE-2017-11811 HIGH
ChakraCore & Microsoft Edge - Memory Corruption
CVSS 7.5
CVE-2017-11810 HIGH
Microsoft Windows <10 - Code Injection
CVSS 7.5
CVE-2017-11809 HIGH
ChakraCore & Microsoft Edge - Memory Corruption
CVSS 7.5
CVE-2017-11808 HIGH
ChakraCore & Microsoft Edge - Memory Corruption
CVSS 7.5
CVE-2017-11807 HIGH
ChakraCore & Microsoft Edge in Windows 10 1703 - Memory Corruption
CVSS 7.5
CVE-2017-11806 HIGH
ChakraCore and Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-11805 HIGH
ChakraCore and Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-11804 HIGH
ChakraCore & Microsoft Edge - Memory Corruption
CVSS 7.5
CVE-2017-11802 HIGH
ChakraCore & Microsoft Edge - Memory Corruption
CVSS 7.5
CVE-2017-11800 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-11799 HIGH
ChakraCore & Microsoft Edge - Memory Corruption
CVSS 7.5
CVE-2017-11798 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-11796 HIGH
ChakraCore and Microsoft Edge in Windows 10 1703 - Memory Corruption
CVSS 7.5
CVE-2017-11793 HIGH
Microsoft Windows - Memory Corruption
CVSS 7.5
CVE-2017-11792 HIGH
ChakraCore & Microsoft Edge in Windows 10 1703 - Memory Corruption
CVSS 7.5
CVE-2017-11774 HIGH KEV
Microsoft Outlook <2016 - Command Injection
CVSS 7.8
CVE-2017-15281 HIGH
ImageMagick - Denial of Service in ReadPSDImage
CVSS 8.8
CVE-2017-5789 CRITICAL
HPE LoadRunner and Performance Center < 12.53 - Remote Code Execution via mxdr_string Heap Overflow
CVSS 9.8
CVE-2017-15264 HIGH
IrfanView 4.44 - Denial of Service via Crafted TIFF File
CVSS 7.8
CVE-2017-15263 HIGH
IrfanView PDF Plugin 4.43 - Denial of Service via Crafted PDF File
CVSS 7.8
CVE-2017-15262 HIGH
IrfanView PDF Plugin 4.43 - Remote Code Execution via Crafted PDF File
CVSS 7.8
CVE-2017-15261 HIGH
IrfanView PDF Plugin 4.43 - Denial of Service via Crafted PDF File
CVSS 7.8
CVE-2017-15260 HIGH
IrfanView PDF Plugin 4.43 - Denial of Service via Crafted PDF File
CVSS 7.8
Details
Vulnerabilities 13,993
Exploit Likelihood High