CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-14515 HIGH
Tenda W15E <15.11.0.14 - Buffer Overflow
CVSS 7.5
CVE-2017-14497 HIGH
Linux Kernel < 4.13 - Denial of Service via tpacket_rcv Vnet Header Mishandling
CVSS 7.8
CVE-2017-10814 MEDIUM
Corega CG-WLR300NM <= 1.90 - Buffer Overflow
CVSS 6.8
CVE-2017-0781 HIGH
Android 4.4.4 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Remote Code Execution in Bluetooth
CVSS 8.8
CVE-2017-13011 CRITICAL
tcpdump < 4.9.2 - Buffer Overflow in util-print.c bittok2str_internal()
CVSS 9.8
CVE-2017-2816 HIGH
LibOFX 0.9.11 - Stack-Based Buffer Overflow in Tag Parsing
CVSS 8.8
CVE-2017-7441 HIGH
Sophos SurfRight HitmanPro <3.7.20 Build 286 - Info Disclosure
CVSS 7.8
CVE-2017-6008 HIGH
Sophos HitmanPro < 3.7.20 - Local Privilege Escalation via Malformed IOCTL Call
CVSS 7.8
CVE-2017-6007 MEDIUM
Sophos HitmanPro < 3.7.20 - Kernel Pool Overflow via IOCTL Call
CVSS 5.5
CVE-2017-14398 HIGH
Razer Synapse 2.20.15.1104 - Privilege Escalation
CVSS 7.8
CVE-2017-8757 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8756 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8755 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8753 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8752 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8751 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8750 HIGH
Internet Explorer and Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8749 HIGH
Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8748 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8747 HIGH
Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8744 HIGH
Microsoft Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-8743 HIGH
Microsoft PowerPoint 2016, SharePoint Enterprise Server 2016, and Office Online Server - Remote Code Execution
CVSS 7.8
CVE-2017-8742 HIGH
Microsoft PowerPoint 2007 SP3-2016 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-8741 HIGH
Internet Explorer and Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8740 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
Details
Vulnerabilities 13,993
Exploit Likelihood High