CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
13,998 vulnerabilities with CWE-119
CVE-2017-11362
CRITICAL
PHP 7.x < 7.0.21 and 7.1.x < 7.1.7 - Stack-Based Buffer Overflow via Long Locale in msgfmt_parse_message
CVSS 9.8
CVE-2017-11345
HIGH
Asuswrt-Merlin and ASUS Firmware < 3.0.0.4.380.7743 - Remote Code Execution via SSDP Location Header
CVSS 7.8
CVE-2017-11344
HIGH
Asuswrt-Merlin and ASUS Firmware < 3.0.0.4.380.7743 - Remote Code Execution via SSDP Location Header
CVSS 7.8
CVE-2017-11339
MEDIUM
Exiv2 - Heap-Based Buffer Overflow in Image::printIFDStructure
CVSS 6.5
CVE-2017-11328
MEDIUM
YARA 3.x - Denial of Service via Heap Buffer Overflow in yr_object_array_set_item
CVSS 5.5
CVE-2017-11311
HIGH
OpenMPT < 1.26.12.00 and libopenmpt < 0.2.8461-beta26 - Heap Buffer Overflow via Crafted PSM File
CVSS 7.8
CVE-2017-10602
HIGH
Junos OS Multiple Versions - Authenticated CLI Buffer Overflow
CVSS 7.0
CVE-2017-1000075
CRITICAL
Creolabs Gravity 1.0 - Buffer Overflow
CVSS 9.8
CVE-2017-1000074
CRITICAL
Creolabs Gravity 1.0 - Buffer Overflow
CVSS 9.8
CVE-2017-1000073
CRITICAL
Creolabs Gravity 1.0 - Heap Overflow
CVSS 9.8
CVE-2017-1000044
CRITICAL
gtk-vnc 0.4.2 - Memory Corruption via Framebuffer Boundary Mismanagement
CVSS 9.8
CVE-2017-0152
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 8.1
CVE-2017-0028
CRITICAL
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 9.8
CVE-2017-2818
HIGH
Poppler 0.53.0 - Heap Overflow via Image Rendering
CVSS 7.5
CVE-2017-2814
HIGH
Poppler 0.53.0 - Heap Overflow via Image Rendering
CVSS 7.5
CVE-2017-11190
HIGH
unrar-free 0.0.1 - Stack-Based Buffer Overflow via Long Filename in RAR Archive
CVSS 7.8
CVE-2017-8619
HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8618
HIGH
Internet Explorer - Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-8617
HIGH
Microsoft Edge - Remote Code Execution via Memory Object Handling
CVSS 7.5
CVE-2017-8610
HIGH
Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8609
HIGH
Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8608
HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8607
HIGH
Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8606
HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8605
HIGH
Microsoft Edge - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
Details
Vulnerabilities
13,998
Exploit Likelihood
High