CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,998 vulnerabilities with CWE-119
CVE-2017-12562 CRITICAL
libsndfile - Heap-based Buffer Overflow in psf_binheader_writef
CVSS 9.8
CVE-2017-12482 HIGH
Ledger 3.1.1 - Stack-Based Buffer Overflow in times.cc Date Mask Parsing
CVSS 7.8
CVE-2017-12481 HIGH
Ledger 3.1.1 - Stack-Based Buffer Overflow in find_option Function
CVSS 7.8
CVE-2017-12424 CRITICAL
shadow < 4.5 - Memory Corruption via Newusers Tool
CVSS 9.8
CVE-2017-11721 CRITICAL
ioquake3 <2017-08-02 - Buffer Overflow
CVSS 9.8
CVE-2017-1495 MEDIUM
IBM InfoSphere Information Server 9.1 11.3 11.5 - Authenticated Memory Dump Exposure
CVSS 4.9
CVE-2017-2282 MEDIUM
WN-AX1167GR <3.00 - Buffer Overflow
CVSS 6.8
CVE-2017-12141 MEDIUM
ytnef 1.9.2 - Denial of Service via Heap-Based Buffer Overflow in TNEFFillMapi
CVSS 5.5
CVE-2017-8663 HIGH
Microsoft Outlook 2007-2016 Remote Code Execution via Crafted Email
CVSS 7.8
CVE-2017-11552 MEDIUM
mpg321 <0.3.2-1 - Memory Corruption
CVSS 6.5
CVE-2017-11551 MEDIUM
libid3tag 0.15.1b - Denial of Service via Crafted MP3 File
CVSS 5.5
CVE-2017-11548 MEDIUM
Xiph.Org libao 1.2.0 - Memory Corruption
CVSS 5.5
CVE-2017-11331 MEDIUM
vorbis-tools 1.4.0 - Denial of Service via Crafted WAV File
CVSS 5.5
CVE-2017-11115 MEDIUM
OpenExif 2.1.4 - Denial of Service via Crafted JPG File
CVSS 5.5
CVE-2017-11732 MEDIUM
Ming 0.4.8 - Heap-Based Buffer Overflow in dcputs Function
CVSS 5.5
CVE-2017-6260 MEDIUM
NVIDIA Windows GPU Display Driver - Denial of Service via Kernel Mode Layer Helper Function
CVSS 6.5
CVE-2017-8870 HIGH
AudioCoder 0.8.46 - Buffer Overflow via Crafted .m3u File
CVSS 7.8
CVE-2017-8869 HIGH
MediaCoder 0.8.48.5888 - Remote Code Execution via Crafted .m3u File
CVSS 7.8
CVE-2017-9614 HIGH
libjpeg-turbo 1.5.1 - Denial of Service via Crafted JPG File
CVSS 8.8
CVE-2017-9412 MEDIUM
LAME 3.99.5 - Denial of Service via Crafted WAV File
CVSS 5.5
CVE-2017-11674 MEDIUM
Acunetix Web Vulnerability Scanner - Denial of Service via Malformed PRE File
CVSS 5.5
CVE-2017-9619 HIGH
Artifex Ghostscript GhostXPS - Denial of Service via xps_true_callback_glyph_name Function
CVSS 7.8
CVE-2017-9618 HIGH
Ghostscript GhostXPS 9.21 - Buffer Overflow
CVSS 7.8
CVE-2017-11643 CRITICAL
GraphicsMagick 1.3.26 - Buffer Overflow
CVSS 9.8
CVE-2017-11640 MEDIUM
ImageMagick 7.0.6-1 - Memory Corruption
CVSS 6.5
Details
Vulnerabilities 13,998
Exploit Likelihood High