CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,993 vulnerabilities with CWE-119
CVE-2017-12912 MEDIUM
MP3Gain 1.5.2.r2 - Read Access Violation in mpglibDBL/layer3.c
CVSS 5.5
CVE-2017-12911 MEDIUM
MP3Gain 1.5.2.r2 - Stack Memory Corruption in apetag.c
CVSS 5.5
CVE-2017-14165 MEDIUM
GraphicsMagick 1.3.26 - Denial of Service via Excessive Memory Allocation in ReadSUNImage
CVSS 6.5
CVE-2017-14164 HIGH
OpenJPEG 2.2.0 - Heap-Based Buffer Overflow
CVSS 8.8
CVE-2017-2822 HIGH
Lexmark Perceptive Document Filters 11.3.0.2400 - Remote Code Execution via Crafted PDF
CVSS 7.5
CVE-2017-2807 HIGH
Ledger-CLI 3.1.1 - Buffer Overflow via Tag Parsing
CVSS 7.5
CVE-2017-14151 HIGH
OpenJPEG 2.2.0 - Heap-Based Buffer Overflow via opj_tcd_code_block_enc_allocate_data
CVSS 8.8
CVE-2017-14064 CRITICAL
Ruby < 2.2.7, 2.3.x < 2.3.4, 2.4.x < 2.4.1 - Memory Exposure via JSON.generate
CVSS 9.8
CVE-2017-13708 CRITICAL
VX Search Enterprise 10.0.14 - Remote Code Execution via Crafted GET Request
CVSS 9.8
CVE-2017-14042 MEDIUM
GraphicsMagick 1.3.26 - Denial of Service via ReadPNMImage Memory Allocation Failure
CVSS 6.5
CVE-2017-12708 CRITICAL
Advantech WebAccess < 8.2 - Memory Corruption
CVSS 9.8
CVE-2017-12706 CRITICAL
Advantech WebAccess < 8.2 - Stack-Based Buffer Overflow
CVSS 9.8
CVE-2017-12704 HIGH
Advantech WebAccess < 8.2 - Heap-Based Buffer Overflow
CVSS 8.8
CVE-2017-13760 MEDIUM
The Sleuth Kit 4.4.2 - Denial of Service via Corrupt exFAT Image Handling
CVSS 5.5
CVE-2017-13758 MEDIUM
ImageMagick 7.0.6-10 - Heap-Based Buffer Overflow in TracePoint Function
CVSS 6.5
CVE-2017-12865 CRITICAL
connman < 1.34 - Stack-based Buffer Overflow in dnsproxy.c
CVSS 9.8
CVE-2017-13743 MEDIUM
liblouis 3.2.0 - Buffer Overflow in _lou_showString()
CVSS 6.5
CVE-2017-13742 MEDIUM
liblouis 3.2.0 - Stack-Based Buffer Overflow in compileTranslationTable.c
CVSS 6.5
CVE-2017-13740 HIGH
liblouis 3.2.0 - Stack-Based Buffer Overflow in parseChars Function
CVSS 8.8
CVE-2017-13739 HIGH
Liblouis 3.2.0 - Heap-Based Buffer Overflow in resolveSubtable()
CVSS 8.8
CVE-2017-13734 MEDIUM
ncurses 6.0 - Denial of Service via Illegal Address Access in _nc_safe_strcat
CVSS 6.5
CVE-2017-13733 MEDIUM
ncurses 6.0 - Denial of Service via Illegal Address Access in fmt_entry
CVSS 6.5
CVE-2017-13732 MEDIUM
ncurses 6.0 - Denial of Service via Illegal Address Access in dump_uses()
CVSS 6.5
CVE-2017-13731 MEDIUM
ncurses 6.0 - Denial of Service via Illegal Address Access in postprocess_termcap()
CVSS 6.5
CVE-2017-13730 MEDIUM
ncurses 6.0 - Denial of Service via Illegal Address Access in _nc_read_entry_source
CVSS 6.5
Details
Vulnerabilities 13,993
Exploit Likelihood High