CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,998 vulnerabilities with CWE-119
CVE-2017-8661 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8657 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8656 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8655 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8653 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8651 HIGH
Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8647 HIGH
Microsoft Edge in Windows 10 1703 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8646 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8645 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8641 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8640 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8639 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8638 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in JavaScript Engine
CVSS 7.5
CVE-2017-8636 HIGH
Microsoft Internet Explorer and Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8635 HIGH
Microsoft Internet Explorer and Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8634 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in JavaScript Engine
CVSS 7.5
CVE-2017-8627 MEDIUM
Windows Subsystem for Linux >= Windows 10 1703 - Denial of Service via Memory Object Handling
CVSS 4.7
CVE-2017-8620 HIGH
Windows Search Component - Remote Code Execution via Memory Corruption
CVSS 8.1
CVE-2017-0293 HIGH
Microsoft Windows PDF Library - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-0250 HIGH
Microsoft JET Database Engine - Remote Code Execution via Buffer Overflow
CVSS 7.8
CVE-2017-9647 MEDIUM
Continental AG Infineon S-Gold 2 - Buffer Overflow
CVSS 6.6
CVE-2017-9633 HIGH
Continental AG Infineon S-Gold 2 - Memory Corruption
CVSS 8.8
CVE-2017-7936 MEDIUM
NXP i.MX and Vybrid Firmware - Stack-based Buffer Overflow via SDP Download
CVSS 6.3
CVE-2017-6745 HIGH
Cisco Videoscape Distribution Suite for Television 3.2(5)ES1 - Unauthenticated Denial of Service via Resource Exhaustion
CVSS 7.5
CVE-2017-6419 HIGH
libmspack 0.5alpha - Heap-Based Buffer Overflow via Crafted CHM File
CVSS 7.8
Details
Vulnerabilities 13,998
Exploit Likelihood High