CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,999 vulnerabilities with CWE-119
CVE-2017-6998 HIGH
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
CVSS 7.8
CVE-2017-6997 HIGH
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
CVSS 7.8
CVE-2017-6996 HIGH
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
CVSS 7.8
CVE-2017-6995 HIGH
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
CVSS 7.8
CVE-2017-6994 HIGH
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
CVSS 7.8
CVE-2017-6991 HIGH
iPhone OS < 10.3.2 and macOS < 10.12.5 - Remote Code Execution in SQLite
CVSS 8.8
CVE-2017-6989 HIGH
Apple <10.3.2, <10.2.1, <3.2.2 - RCE/DoS
CVSS 7.8
CVE-2017-6986 HIGH
macOS < 10.12.4 - Memory Corruption in iBooks
CVSS 7.8
CVE-2017-6985 HIGH
macOS < 10.12.4 - Remote Code Execution in NVIDIA Graphics Drivers
CVSS 7.8
CVE-2017-6984 HIGH
Apple <10.3.2, <10.1.1, <12.6.1 - RCE/DoS
CVSS 8.8
CVE-2017-6983 HIGH
iPhone OS < 10.3.1 and macOS < 10.12.4 - Remote Code Execution via SQLite Memory Corruption
CVSS 8.8
CVE-2017-6982 MEDIUM
iPhone OS < 10.3.1 - Denial of Service in Notifications Component
CVSS 5.5
CVE-2017-6980 HIGH
Apple <10.3.2, <10.1.1, <10.2.1 - RCE
CVSS 8.8
CVE-2017-6978 HIGH
macOS < 10.12.5 - Remote Code Execution in Accessibility Framework
CVSS 7.8
CVE-2017-6977 HIGH
Apple <10.12.5 - Sandbox-Escape/DoS
CVSS 8.6
CVE-2017-2548 HIGH
macOS < 10.12.5 - Remote Code Execution or Denial of Service in WindowServer
CVSS 7.8
CVE-2017-2547 HIGH
Safari < 10.1.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-2546 HIGH
macOS < 10.12.5 - Kernel Memory Corruption
CVSS 7.8
CVE-2017-2545 HIGH
macOS < 10.12.5 - Remote Code Execution in IOGraphics
CVSS 7.8
CVE-2017-2544 HIGH
Safari < 10.1.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-2543 HIGH
macOS < 10.12.4 - Memory Corruption in Multi-Touch Component
CVSS 7.8
CVE-2017-2542 HIGH
macOS < 10.12.5 - Memory Corruption in Multi-Touch Component
CVSS 7.8
CVE-2017-2541 HIGH
macOS < 10.12.4 - Remote Code Execution in WindowServer
CVSS 7.8
CVE-2017-2539 HIGH
Safari < 10.1.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-2538 HIGH
Safari < 10.1.1 and iPhone OS < 10.3.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
Details
Vulnerabilities 13,999
Exploit Likelihood High