CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,999 vulnerabilities with CWE-119
CVE-2017-9052 CRITICAL
libdwarf 2017-03-21 - Buffer Overflow
CVSS 9.8
CVE-2017-9048 HIGH
libxml2 20904-GITv2.9.4-16-g0741801 - Stack-based Buffer Overflow in xmlSnprintfElementContent
CVSS 7.5
CVE-2017-9047 HIGH
libxml2 20904-GITv2.9.4-16-g0741801 - Buffer Overflow
CVSS 7.5
CVE-2017-9026 CRITICAL
HooToo Trip Mate 6 TM6 <2.000.030 - Buffer Overflow
CVSS 9.8
CVE-2017-9025 MEDIUM
HooToo Trip Mate 6 <2.000.030 - Buffer Overflow
CVSS 6.5
CVE-2017-3882 CRITICAL
Cisco CVR100W Wireless-N VPN Router - Buffer Overflow
CVSS 9.6
CVE-2017-6887 HIGH
LibRaw < 0.18.2 - Memory Corruption via Crafted KDC File with Multiple 0x100 and 0x14A TAGs
CVSS 7.8
CVE-2017-6886 CRITICAL
LibRaw < 0.18.2 - Memory Corruption in parse_tiff_ifd()
CVSS 9.8
CVE-2017-8927 HIGH
Larson VizEx Reader <9.7.5 - Buffer Overflow
CVSS 7.8
CVE-2017-8926 HIGH
Halliburton LogView Pro 10.0.1 - Buffer Overflow
CVSS 7.8
CVE-2017-6890 CRITICAL
LibRaw-demosaic-pack-GPL2 <0.18.2 - Buffer Overflow
CVSS 9.8
CVE-2017-0252 CRITICAL
Microsoft Edge - Remote Code Execution via Memory Corruption in JavaScript Engine
CVSS 9.8
CVE-2017-0223 CRITICAL
Microsoft Edge - Remote Code Execution via Memory Corruption in JavaScript Engine
CVSS 9.8
CVE-2017-8245 HIGH
Android for MSM - Out-of-Bounds Memory Copy via Voice SVC Request
CVSS 7.8
CVE-2017-0592 HIGH
Android 4.4.4-7.1.2 - Remote Code Execution via FLACExtractor.cpp Memory Corruption
CVSS 7.8
CVE-2017-0591 HIGH
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 - Remote Code Execution via Crafted Media File
CVSS 7.8
CVE-2017-0590 HIGH
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 - Remote Code Execution in libhevc
CVSS 7.8
CVE-2017-0589 HIGH
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 - Remote Code Execution in libhevc
CVSS 7.8
CVE-2017-0588 HIGH
Android 4.4.4-7.1.2 - Remote Code Execution in libstagefright ID3 Parser
CVSS 7.8
CVE-2017-0587 HIGH
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 - Remote Code Execution in libmpeg2
CVSS 7.8
CVE-2017-0266 HIGH
Microsoft Edge - Remote Code Execution via Memory Object Handling
CVSS 7.5
CVE-2017-0265 HIGH
Microsoft PowerPoint for Mac 2011 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-0264 HIGH
Microsoft PowerPoint for Mac 2011 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-0254 HIGH
Microsoft Office - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2017-0240 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
Details
Vulnerabilities 13,999
Exploit Likelihood High