CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,999 vulnerabilities with CWE-119
CVE-2017-8378 CRITICAL
PoDoFo 0.9.5 - Heap-Based Buffer Overflow in PdfParser::ReadObjects
CVSS 9.8
CVE-2017-8373 HIGH
Underbit MAD libmad 0.15.1b - Heap-Based Buffer Overflow in mad_layer_III
CVSS 7.8
CVE-2017-8367 HIGH
Ether Software Easy MOV Converter 1.4.24 - Buffer Overflow via Long Username
CVSS 7.8
CVE-2017-8366 CRITICAL
Ettercap 0.8.2 - Heap-Based Buffer Overflow in strescape Function
CVSS 9.8
CVE-2017-8364 HIGH
rzip 2.1 - Heap-Based Buffer Overflow in read_buf Function
CVSS 7.8
CVE-2017-8361 HIGH
libsndfile 1.0.28 - Buffer Overflow in FLAC Buffer Copy
CVSS 8.8
CVE-2017-8358 CRITICAL
LibreOffice < 5.2.6 - Heap-Based Buffer Overflow in ReadJPEG Function
CVSS 9.8
CVE-2017-8339 MEDIUM
Panda Free Antivirus 18.0 - Denial of Service via Crafted DeviceIoControl Request
CVSS 5.5
CVE-2017-8325 HIGH
ImageWorsener < 1.3.1 - Heap-Based Buffer Overflow in iw_process_cols_to_intermediate
CVSS 8.8
CVE-2017-6553 CRITICAL
Quest Privilege Manager for Unix < 6.0.0-50 - Buffer Overflow via ACT_ALERT_EVENT Request
CVSS 9.8
CVE-2017-2155 HIGH
Hoozin Viewer < 6.0.3.09 - Buffer Overflow
CVSS 8.8
CVE-2017-2142 CRITICAL
I-O DATA WN-G300R3 Firmware <= 1.03 - Remote Code Execution via Buffer Overflow
CVSS 9.8
CVE-2017-2113 HIGH
I-O DATA DEVICE TS-WPTCAM TS-WPTCAM2 TS-WLCE TS-WLC2 TS-WRLC TS-PTCAM TS-PTCAM/POE - Buffer Overflow
CVSS 8.8
CVE-2017-7895 CRITICAL
Linux Kernel < 3.2.89 - Buffer Overflow in NFSv2 and NFSv3 Server
CVSS 9.8
CVE-2017-8305 CRITICAL
13thmonkey udfclient < 0.8.7 - Buffer Overflow in Custom strlcpy Implementation
CVSS 9.8
CVE-2017-8289 CRITICAL
RIOT < 2017.01 - Stack-based Buffer Overflow in ipv6_addr_from_str
CVSS 9.8
CVE-2017-8287 CRITICAL
FreeType < 2.7.1 - Heap-Based Buffer Overflow in t1_builder_close_contour
CVSS 9.8
CVE-2017-6037 HIGH
Wecon Technologies LEVI Studio HMI Editor < 1.8.1 - Heap-Based Buffer Overflow via Malicious Project File
CVSS 8.8
CVE-2017-6035 HIGH
Wecon Technologies LEVI Studio HMI Editor < 1.8.1 - Stack-Based Buffer Overflow via Malicious Project File
CVSS 8.8
CVE-2017-7720 HIGH
PrivateTunnel 2.7-2.8 - Buffer Overflow
CVSS 7.8
CVE-2017-1274 HIGH
IBM Domino 8.5-9.0 - Authenticated Stack-Based Buffer Overflow via IMAP Mailbox Name
CVSS 8.8
CVE-2017-7477 HIGH
Linux Kernel < 4.10.12 - Buffer Overflow
CVSS 7.0
CVE-2017-2325 MEDIUM
Juniper Networks NorthStar Controller App < 2.1.0-1 - Buffer Overflow
CVSS 6.5
CVE-2017-2316 MEDIUM
Juniper Networks NorthStar Controller App < 2.1.0-1 - Buffer Overflow
CVSS 6.5
CVE-2017-8073 HIGH
WeeChat < 1.7.1 - Denial of Service via DCC Filename Buffer Overflow
CVSS 7.5