CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,998 vulnerabilities with CWE-119
CVE-2017-8548 HIGH
Microsoft Edge - Memory Corruption via Improper Object Handling
CVSS 7.5
CVE-2017-8547 HIGH
Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8529 MEDIUM
Internet Explorer - Information Disclosure via Memory Object Handling
CVSS 6.5
CVE-2017-8528 HIGH
Microsoft Office - Memory Corruption
CVSS 8.8
CVE-2017-8527 HIGH
Microsoft Lync - Memory Corruption
CVSS 8.8
CVE-2017-8524 HIGH
Microsoft browsers - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8522 HIGH
Microsoft browsers - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8521 HIGH
Microsoft Edge in Windows 10 1703 - Remote Code Execution via JavaScript Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8520 HIGH
Microsoft Edge in Windows 10 1703 - Remote Code Execution via JavaScript Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8519 HIGH
Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8517 HIGH
Internet Explorer - Remote Code Execution via JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2017-8513 HIGH
Microsoft PowerPoint - Remote Code Execution via Improper Memory Object Handling
CVSS 7.8
CVE-2017-8507 HIGH
Microsoft Outlook - Remote Code Execution via Crafted Email Message
CVSS 7.8
CVE-2017-8499 HIGH
Microsoft Edge in Windows 10 1703 - Remote Code Execution via JavaScript Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-8497 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-8496 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-7910 HIGH
Digital Canal Structural Wind Analysis 9.1 - Stack-Based Buffer Overflow
CVSS 7.5
CVE-2017-9502 MEDIUM
curl < 7.54.1 - Heap-Based Buffer Overflow via Default Protocol Function
CVSS 5.3
CVE-2017-0637 HIGH
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 - Remote Code Execution in libhevc
CVSS 7.8
CVE-2017-8241 HIGH
Android - Buffer Overflow in WLAN Function
CVSS 7.8
CVE-2017-8238 HIGH
Android - Buffer Overflow in Camera Function
CVSS 7.8
CVE-2017-8237 HIGH
Android - Buffer Overflow in Firmware Image Loading
CVSS 7.8
CVE-2017-8236 HIGH
Android - Buffer Overflow in IPA Driver
CVSS 7.8
CVE-2017-7372 HIGH
Android - Buffer Overflow via Video Driver Race Condition
CVSS 7.0
CVE-2017-6655 MEDIUM
Cisco NX-OS Software - Denial of Service via FCoE Protocol Implementation
CVSS 6.5
Details
Vulnerabilities 13,998
Exploit Likelihood High