CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,999 vulnerabilities with CWE-119
CVE-2017-6655 MEDIUM
Cisco NX-OS Software - Denial of Service via FCoE Protocol Implementation
CVSS 6.5
CVE-2017-6892 HIGH
libsndfile <1.0.28 - Memory Corruption
CVSS 8.8
CVE-2017-9127 MEDIUM
libquicktime 1.2.4 - Denial of Service via Crafted MP4 File
CVSS 6.5
CVE-2017-9126 MEDIUM
libquicktime - Denial of Service via Crafted MP4 File
CVSS 6.5
CVE-2017-8834 MEDIUM
libcroco 0.6.12 - Denial of Service via Crafted CSS File
CVSS 6.5
CVE-2017-4909 HIGH
VMware Workstation <12.5.3 - Heap Buffer Overflow
CVSS 7.8
CVE-2017-4908 HIGH
VMware Workstation <12.5.3 - Heap Buffer Overflow
CVSS 7.8
CVE-2017-4907 CRITICAL
VMware Unified Access Gateway 2.5.x-2.7.x, 2.8.x < 2.8.1 & Horizon View 6.x < 6.2.4, 7.x < 7.1.0 - RCE
CVSS 9.8
CVE-2017-4901 CRITICAL
VMware Workstation/Fusion <12.5.4-8.5.5 - Memory Corruption
CVSS 9.9
CVE-2017-7965 HIGH
Schneider Electric SoMachine HVAC v2.1.0 - Buffer Overflow in AlTracePrint.exe
CVSS 7.3
CVE-2017-4904 HIGH
VMware Fusion 8.0.0-8.5.5 - Uninitialized Memory Usage in XHCI Controller
CVSS 8.8
CVE-2017-4903 HIGH
VMware ESXi <6.5, 6.0 <U3, U2, U1, 5.5 - RCE
CVSS 8.8
CVE-2017-4902 HIGH
VMware ESXi <6.5-5.5 - Heap Buffer Overflow
CVSS 8.8
CVE-2017-9469 HIGH
Irssi < 1.0.3 - Denial of Service via Incorrectly Quoted DCC Files
CVSS 7.5
CVE-2017-9430 CRITICAL
dnstracer < 1.9 - Stack-based Buffer Overflow via Long Command Line Argument
CVSS 9.8
CVE-2017-9433 CRITICAL
Document Liberation Project libmwaw <2017-04-08 - Buffer Overflow
CVSS 9.8
CVE-2017-9372 HIGH
Asterisk Open Source 13.x < 13.15.1 and 14.x < 14.4.1 - Denial of Service via Crafted SIP CSeq Header
CVSS 7.5
CVE-2017-9351 HIGH
Wireshark <2.2.7 and <2.0.13 - Buffer Overflow
CVSS 7.5
CVE-2017-9348 HIGH
Wireshark 2.2.0-2.2.6 - Buffer Overflow in DOF Dissector
CVSS 7.5
CVE-2017-9300 HIGH
VideoLAN VLC media player <2.2.4 - DoS
CVSS 7.8
CVE-2017-8542 MEDIUM
Microsoft Malware Protection Engine < 1.1.13704.0 - Denial of Service via Crafted File Scan
CVSS 5.5
CVE-2017-8541 HIGH
Microsoft Malware Protection Engine < 1.1.13704.0 - Remote Code Execution via Crafted File Scan
CVSS 7.8
CVE-2017-8539 MEDIUM
Microsoft Malware Protection Engine < 1.1.13704.0 - Denial of Service via Crafted File Scan
CVSS 5.5
CVE-2017-8538 HIGH
Microsoft Malware Protection Engine < 1.1.13704.0 - Remote Code Execution via Crafted File Scan
CVSS 7.8
CVE-2017-8537 MEDIUM
Microsoft Malware Protection Engine - Denial of Service via Crafted File Scan
CVSS 5.5