CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,998 vulnerabilities with CWE-119
CVE-2017-11227 HIGH
Adobe Acrobat and Reader - Memory Corruption in EMF Image Conversion Engine
CVSS 8.8
CVE-2017-11226 HIGH
Adobe Acrobat and Reader - Memory Corruption in JPEG 2000 Image Processing
CVSS 8.8
CVE-2017-11222 HIGH
Adobe Acrobat and Reader - Memory Corruption in PRC Engine
CVSS 8.8
CVE-2017-11220 HIGH
Adobe Acrobat and Reader < 11.0.20, 15.006.30306, 15.007.20033-17.009.20058, 17.011.30066 - Heap Overflow
CVSS 8.8
CVE-2017-11217 MEDIUM
Adobe Acrobat and Reader - Memory Corruption in EMF Unicode Text Drawing
CVSS 6.5
CVE-2017-11216 HIGH
Adobe Acrobat and Reader - Memory Corruption in EMF Image Conversion Engine
CVSS 8.8
CVE-2017-11214 HIGH
Adobe Acrobat and Reader - Memory Corruption in EMF Image Conversion Engine
CVSS 8.8
CVE-2017-11212 HIGH
Adobe Acrobat and Reader - Memory Corruption in EMF Image Conversion Engine
CVSS 8.8
CVE-2017-11211 HIGH
Adobe Acrobat and Reader - Heap Overflow in JPEG Parser
CVSS 8.8
CVE-2017-11210 MEDIUM
Adobe Acrobat and Reader - Memory Corruption in XPS Font Parsing
CVSS 6.5
CVE-2017-11209 MEDIUM
Adobe Acrobat and Reader - Memory Corruption via JPEG in XPS File
CVSS 6.5
CVE-2017-8273 HIGH
Qualcomm Products with Android CAF - Buffer Overflow via Fastboot Boot Command
CVSS 7.8
CVE-2017-8658 CRITICAL
Chakracore < 1.7.0 - Remote Code Execution via Memory Corruption
CVSS 9.8
CVE-2017-8518 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-12799 HIGH
GNU Binutils - Buffer Overflow in elf_read_notes Function
CVSS 7.8
CVE-2017-12762 CRITICAL
Linux Kernel 3.18-3.18.64 - Buffer Overflow in ISDN Net Driver
CVSS 9.8
CVE-2017-0715 HIGH
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 - Remote Code Execution in libavc
CVSS 7.8
CVE-2017-0712 HIGH
Android <7.1.2 - Privilege Escalation
CVSS 7.8
CVE-2017-12754 HIGH
asuswrt-merlin < 380.67 - Remote Code Execution via Long delete_offline_client Parameter
CVSS 8.8
CVE-2017-8691 HIGH
Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 - Remote Code Execution via Embedded Font Handling
CVSS 8.8
CVE-2017-8674 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in JavaScript Engine
CVSS 7.5
CVE-2017-8672 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8671 HIGH
Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8670 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8669 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
Details
Vulnerabilities 13,998
Exploit Likelihood High