CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-8738 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8737 HIGH
Microsoft Windows PDF Library - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8734 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8731 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8729 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8728 HIGH
Microsoft Windows PDF Library - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8725 HIGH
Microsoft Publisher 2007 SP3 and 2010 SP2 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-8696 HIGH
Microsoft Windows Uniscribe - Remote Code Execution via Crafted Document or Email
CVSS 7.5
CVE-2017-8692 HIGH
Windows Uniscribe - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8686 CRITICAL
Windows Server 2012 and 2016 - Remote Code Execution in DHCP Service
CVSS 9.8
CVE-2017-8675 HIGH
Windows Kernel-Mode Drivers - Elevation of Privilege via Win32k Memory Handling
CVSS 7.0
CVE-2017-8660 HIGH
Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 8.8
CVE-2017-8649 HIGH
Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8632 HIGH
Microsoft Excel - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-8630 HIGH
Microsoft Office 2016 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-8567 HIGH
Microsoft Excel for Mac 2011 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-11766 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-11764 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-14348 HIGH
LibRaw < 0.18.3 - Heap-Based Buffer Overflow in processCanonCameraInfo
CVSS 8.8
CVE-2017-14315 HIGH
iPhone OS 7-9 - Heap Overflow via LEAP Audio Command
CVSS 7.5
CVE-2017-14266 HIGH
Tcpreplay 3.4.4 - Heap-Based Buffer Overflow via Crafted PCAP File
CVSS 7.8
CVE-2017-1000249 MEDIUM
file - Stack-Based Buffer Overflow via Crafted ELF .notes Section
CVSS 5.5
CVE-2017-14310 HIGH
STDU Viewer 1.6.375 - Denial of Service via Crafted .jb2 File
CVSS 7.8
CVE-2017-14309 HIGH
STDU Viewer 1.6.375 - Denial of Service via Crafted .jb2 File
CVSS 7.8
CVE-2017-14308 HIGH
STDU Viewer 1.6.375 - Denial of Service via Crafted JB2 File
CVSS 7.8
Details
Vulnerabilities 13,993
Exploit Likelihood High