CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,998 vulnerabilities with CWE-119
CVE-2017-7018 HIGH
Apple Products <10.3.3, <10.1.2, <6.2.2, <12.6.2 - RCE/DoS
CVSS 8.8
CVE-2017-7017 HIGH
macOS < 10.12.6 - Memory Corruption in Intel Graphics Driver
CVSS 7.8
CVE-2017-7016 HIGH
macOS < 10.12.6 - Remote Code Execution via Crafted Audio File in afclip
CVSS 7.8
CVE-2017-7015 HIGH
Apple <10.12.6 - Info Disclosure/DoS
CVSS 7.8
CVE-2017-7014 HIGH
macOS < 10.12.6 - Remote Code Execution in Intel Graphics Driver
CVSS 7.8
CVE-2017-7012 HIGH
Apple <10.3.3, <10.1.2, <6.2.2, <12.6.2 - RCE/DoS
CVSS 8.8
CVE-2017-7009 HIGH
Apple <10.3.3, <10.12.6, <10.2.2, <3.2.3 - RCE/DoS
CVSS 7.8
CVE-2017-7008 HIGH
Apple <10.3.3, <10.12.6, <10.2.2 - RCE/DoS
CVSS 7.8
CVE-2017-7506 HIGH
spice <= 0.13 - Authenticated Denial of Service via Memory Access
CVSS 8.8
CVE-2017-11420 CRITICAL
Asuswrt-Merlin Firmware < 3.0.0.4.380.7743 - Remote Code Execution via Long Device Information
CVSS 9.8
CVE-2017-9671 HIGH
Alpine Linux apk - Heap Overflow via Malicious APKINDEX.tar.gz Pax Header
CVSS 7.8
CVE-2017-9669 HIGH
Alpine Linux apk - Heap Overflow via Malicious APKINDEX.tar.gz
CVSS 7.8
CVE-2017-6744 HIGH KEV
Cisco IOS - Authenticated Remote Code Execution via SNMP Packet Buffer Overflow
CVSS 8.8
CVE-2017-6743 HIGH KEV
Cisco IOS and IOS XE - Authenticated Remote Code Execution via SNMP Buffer Overflow
CVSS 8.8
CVE-2017-6742 HIGH KEV
Cisco IOS and IOS XE - Authenticated Remote Code Execution via SNMP Buffer Overflow
CVSS 8.8
CVE-2017-6741 HIGH
Cisco IOS XE - Authenticated Remote Code Execution via SNMP Buffer Overflow
CVSS 8.8
CVE-2017-6740 HIGH KEV
Cisco IOS and IOS XE - Authenticated Remote Code Execution via SNMP Packet Buffer Overflow
CVSS 8.8
CVE-2017-6739 HIGH KEV
Cisco IOS 12.0-12.4 and IOS XE 2.2.0-3.17.0 - Authenticated Remote Code Execution via SNMP Packet Buffer Overflow
CVSS 8.8
CVE-2017-6738 HIGH KEV
Cisco IOS and IOS XE - Authenticated Remote Code Execution via SNMP Buffer Overflow
CVSS 8.8
CVE-2017-6737 HIGH KEV
Cisco IOS - Authenticated Remote Code Execution via SNMP Buffer Overflow
CVSS 8.8
CVE-2017-6736 HIGH KEV
Cisco IOS and IOS XE - Authenticated Remote Code Execution via SNMP Buffer Overflow
CVSS 8.8
CVE-2017-9639 HIGH
Fuji Electric V-Server <3.3.22.0 - Memory Corruption
CVSS 7.3
CVE-2017-10983 HIGH
FreeRADIUS 2.x < 2.2.10 and 3.x < 3.0.15 - Denial of Service via DHCP Option 63 Decoding
CVSS 7.5
CVE-2017-10978 HIGH
FreeRADIUS 2.x < 2.2.10 and 3.x < 3.0.15 - Denial of Service via make_secret() Buffer Overflow
CVSS 7.5
CVE-2017-2344 HIGH
Junos OS - Buffer Overflow in Internal Sockets Library
CVSS 7.8
Details
Vulnerabilities 13,998
Exploit Likelihood High