CWE-119
High likelihood
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
13,993 vulnerabilities with CWE-119
CVE-2017-12818
HIGH
Sentinel LDK RTE < 7.55 - Denial of Service via Custom XML Parser
CVSS 7.5
CVE-2017-0810
HIGH
Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 - Remote Code Execution in libmpeg2
CVSS 7.8
CVE-2017-0809
HIGH
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 - Remote Code Execution in libstagefright
CVSS 7.8
CVE-2017-14493
CRITICAL
dnsmasq <2.78 - Buffer Overflow
CVSS 9.8
CVE-2017-14492
CRITICAL
dnsmasq <2.78 - Buffer Overflow
CVSS 9.8
CVE-2017-12639
CRITICAL
Ipswitch IMail Server <= 12.5.5 - Stack-Based Buffer Overflow
CVSS 9.8
CVE-2017-12638
CRITICAL
Ipswitch IMail Server <= 12.5.5 - Stack-Based Buffer Overflow in IMmailSrv
CVSS 9.8
CVE-2017-11498
HIGH
Gemalto Sentinel LDK RTE HASP SRM 2.10-Sentinel LDK 7.50 - Denial of Service via Malformed Language Pack HTML Files
CVSS 7.5
CVE-2017-11497
CRITICAL
Gemalto Sentinel LDK RTE HASP SRM 2.10-Sentinel LDK 7.50 - Remote Code Execution via Long Filename in Language Pack
CVSS 9.8
CVE-2017-11496
CRITICAL
Gemalto Sentinel LDK RTE HASP SRM 2.10-Sentinel LDK 7.50 - Remote Code Execution via Malformed ASN.1 Stream
CVSS 9.8
CVE-2017-14947
HIGH
Artifex GSView 6.0 Beta - Remote Code Execution or Denial of Service via Crafted XPS File
CVSS 7.8
CVE-2017-14946
HIGH
Artifex GSView 6.0 Beta - Denial of Service via Crafted PDF File
CVSS 7.8
CVE-2017-14945
HIGH
Artifex GSView 6.0 Beta - Denial of Service via Crafted PDF File
CVSS 7.8
CVE-2017-13684
HIGH
Unisys MCP-FIRMWARE < 43.185 - Authenticated Denial of Service via Incorrect Literal Handling
CVSS 7.8
CVE-2017-14866
MEDIUM
Exiv2 - Heap-Based Buffer Overflow in Exiv2::s2Data Function
CVSS 5.5
CVE-2017-14865
MEDIUM
exiv2 - Heap-Based Buffer Overflow in Exiv2::us2Data
CVSS 5.5
CVE-2017-14864
MEDIUM
exiv2 0.26 - Denial of Service via Invalid Memory Address Dereference in Exiv2::getULong
CVSS 5.5
CVE-2017-14862
MEDIUM
exiv2 - Denial of Service via Invalid Memory Address Dereference in DataValue::read
CVSS 5.5
CVE-2017-14859
MEDIUM
exiv2 0.26 - Denial of Service via Invalid Memory Address Dereference in StringValueBase
CVSS 5.5
CVE-2017-14858
MEDIUM
Exiv2 - Heap-Based Buffer Overflow in Exiv2::l2Data Function
CVSS 5.5
CVE-2017-12240
CRITICAL
KEV
Cisco IOS 12.2-15.6 and IOS XE - Unauthenticated Remote Code Execution via DHCPv4 Packet Buffer Overflow
CVSS 9.8
CVE-2017-12814
CRITICAL
perl < 5.24.3-RC1 and 5.26.x < 5.26.1-RC1 - Stack-based Buffer Overflow via Long Environment Variable
CVSS 9.8
CVE-2017-11121
CRITICAL
Broadcom BCM4355C0 Wi-Fi Firmware 9.44.78.27.0.1.56 - Heap and Stack Overflow via Malicious Fast Transition Frames
CVSS 9.8
CVE-2017-11120
CRITICAL
Broadcom BCM4355C0 Wi-Fi Firmware 9.44.78.27.0.1.56 - Buffer Overflow via Malformed RRM Neighbor Report Frame
CVSS 9.8
CVE-2017-14767
HIGH
FFmpeg < 3.3.3 - Heap Buffer Overflow via Empty sprop-parameter-sets in SDP File
CVSS 8.8
Details
Vulnerabilities: 13,993
Exploit Likelihood: High