CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-14749 HIGH
JerryScript 1.0 - DoS/Code Injection
CVSS 7.8
CVE-2017-9962 HIGH
Schneider Electric ClearSCADA < 2017 - Memory Corruption via Malformed Requests
CVSS 7.5
CVE-2017-14734 HIGH
libbpg 0.9.7 - Heap-Based Buffer Overflow via Crafted BPG File
CVSS 8.8
CVE-2017-14729 HIGH
GNU Binutils 2.29 - Heap-Based Buffer Overflow in BFD Library via Crafted ELF File
CVSS 7.8
CVE-2017-14727 HIGH
WeeChat logger - Denial of Service via strftime Date/Time Specifiers
CVSS 7.5
CVE-2017-14627 HIGH
CyberLink LabelPrint 2.5 - Stack-based Buffer Overflow via LPP Project File Parameters
CVSS 7.8
CVE-2017-14694 HIGH
Foxit Reader <8.3.2.25013 & Foxit PhantomPDF <8.3.2.25013 - RCE/DoS
CVSS 7.8
CVE-2017-14693 HIGH
IrfanView 4.44 - Denial of Service via Crafted .djvu File
CVSS 7.8
CVE-2017-14692 HIGH
STDU Viewer 1.6.375 - Remote Code Execution via Crafted .jb2 File
CVSS 7.8
CVE-2017-14691 HIGH
STDU Viewer 1.6.375 - Denial of Service via Crafted .jb2 File
CVSS 7.8
CVE-2017-14690 HIGH
STDU Viewer 1.6.375 - Remote Code Execution via Crafted .jb2 File
CVSS 7.8
CVE-2017-14689 HIGH
STDU Viewer 1.6.375 - Denial of Service via Crafted .djvu File
CVSS 7.8
CVE-2017-14688 HIGH
STDU Viewer 1.6.375 - Denial of Service via Crafted .djvu File
CVSS 7.8
CVE-2017-14637 CRITICAL
sam2p 0.49.3 - Memory Corruption in parse_rgb Function
CVSS 9.8
CVE-2017-14687 HIGH
Artifex MuPDF 1.11 - Denial of Service via Crafted .xps File
CVSS 7.8
CVE-2017-14686 HIGH
Artifex MuPDF 1.11 - Remote Code Execution via Crafted .xps File
CVSS 7.8
CVE-2017-14685 HIGH
Artifex MuPDF 1.11 - Denial of Service via Crafted .xps File
CVSS 7.8
CVE-2017-14682 HIGH
ImageMagick 7.0.6 - Heap-Based Buffer Overflow via Crafted SVG Document
CVSS 8.8
CVE-2017-9677 HIGH
Android < 8.0 - Buffer Overflow via Race Condition in msm_compr_ioctl_shared
CVSS 7.8
CVE-2017-8280 HIGH
Android < 8.0 - Memory Corruption via WLAN Calibration Data Race Condition
CVSS 7.0
CVE-2017-11000 HIGH
Android < 8.0 - Out-of-Bounds Write in ISP Camera Kernel Driver
CVSS 7.8
CVE-2017-10999 HIGH
Android < 8.0 - Memory Corruption via Concurrent RMNET_IOCTL_ADD_MUX_CHANNEL Calls
CVSS 7.8
CVE-2017-10998 HIGH
Android < 8.0 - Memory Corruption via Audio AIO ION Buffer Length Overflow
CVSS 7.8
CVE-2017-10997 HIGH
Android < 8.0 - Memory Corruption via PCIe Register Debugfs Write
CVSS 7.8
CVE-2017-14160 HIGH
libvorbis 1.3.5 - Denial of Service via Crafted MP4 File
CVSS 8.8
Details
Vulnerabilities 13,993
Exploit Likelihood High