CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,998 vulnerabilities with CWE-119
CVE-2017-11636 CRITICAL
GraphicsMagick 1.3.26 - Buffer Overflow
CVSS 9.8
CVE-2017-11628 HIGH
PHP <5.6.31, 7.x <7.0.21, 7.1.x <7.1.7 - Buffer Overflow
CVSS 7.8
CVE-2017-6753 HIGH
Cisco WebEx - Remote Code Execution
CVSS 8.8
CVE-2017-6612 HIGH
Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033-21.1.2 - Unauthenticated HTTP Traffic Redirection
CVSS 8.6
CVE-2017-7980 HIGH
Qemu < 2.8 - Heap-based Buffer Overflow in Cirrus CLGD 54xx VGA Emulator
CVSS 7.8
CVE-2017-7541 HIGH
Linux kernel < 4.12.3 - Buffer Overflow via Crafted NL80211_CMD_FRAME Netlink Packet
CVSS 7.8
CVE-2017-11592 HIGH
Exiv2 0.26 - Denial of Service via Heap Memory Corruption in FileIo::seek
CVSS 7.5
CVE-2017-11576 MEDIUM
FontForge 20161012 - Denial of Service via Crafted OTF File
CVSS 5.5
CVE-2017-11574 HIGH
FontForge 20161012 - Buffer Overflow
CVSS 7.8
CVE-2017-11571 HIGH
FontForge 20161012 - Buffer Overflow
CVSS 7.8
CVE-2017-11543 CRITICAL
tcpdump 4.9.0 - Buffer Overflow in sliplink_print Function
CVSS 9.8
CVE-2017-2276 HIGH
Sony WG-C10 Firmware < 3.0.79 - Buffer Overflow
CVSS 7.2
CVE-2017-7523 HIGH
Cygwin 1.7.2-1.8.0 - Buffer Overflow in wcsxfrm/wcsxfrm_l Functions
CVSS 7.5
CVE-2017-11517 CRITICAL
Geutebrueck Gcore <1.4.2.37 - Buffer Overflow
CVSS 9.8
CVE-2017-7069 HIGH
Apple <10.3.3, <10.12.6, <10.2.2, <3.2.3 - RCE/DoS
CVSS 7.8
CVE-2017-7068 HIGH
Apple <10.3.3, <10.12.6, <10.2.2, <3.2.3 - RCE/DoS
CVSS 8.8
CVE-2017-7062 CRITICAL
iPhone OS < 10.3.3, macOS < 10.12.6, tvOS < 10.2.2, watchOS < 3.2.3 - Remote Code Execution in Contacts Component
CVSS 9.8
CVE-2017-7061 HIGH
Apple <10.3.3, <10.1.2, <6.2.2, <12.6.2 - RCE/DoS
CVSS 8.8
CVE-2017-7056 HIGH
Apple <10.3.3, <10.1.2, <6.2.2, <12.6.2 - RCE/DoS
CVSS 8.8
CVE-2017-7055 HIGH
Apple <10.3.3, <10.1.2, <6.2.2, <12.6.2 - RCE/DoS
CVSS 8.8
CVE-2017-7054 HIGH
macOS < 10.12.6 - Remote Code Execution or Denial of Service via Bluetooth Memory Corruption
CVSS 8.0
CVE-2017-7052 HIGH
Apple <10.3.3, <10.1.2, <6.2.2, <12.6.2 - RCE/DoS
CVSS 8.8
CVE-2017-7051 HIGH
macOS < 10.12.6 - Remote Code Execution or Denial of Service via Bluetooth Memory Corruption
CVSS 8.0
CVE-2017-7050 HIGH
macOS < 10.12.6 - Remote Code Execution or Denial of Service in Bluetooth Component
CVSS 8.0
CVE-2017-7049 HIGH
Apple <10.3.3, <10.1.2, <6.2.2, <12.6.2 - RCE/DoS
CVSS 8.8
Details
Vulnerabilities 13,998
Exploit Likelihood High