CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,999 vulnerabilities with CWE-119
CVE-2017-8070 HIGH
Linux Kernel 4.9.x < 4.9.11 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8069 HIGH
Linux Kernel 4.9.x < 4.9.11 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8068 HIGH
Linux Kernel 4.9.x < 4.9.11 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8066 HIGH
Linux Kernel 4.9.x-4.10.x < 4.10.2 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8065 HIGH
Linux Kernel 4.9.x and 4.10.x through 4.10.12 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8064 HIGH
Linux Kernel 4.9.x-4.10.x < 4.10.12 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8063 HIGH
Linux Kernel 4.9-4.9.23 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8062 HIGH
Linux Kernel 4.9-4.9.15 and 4.10-4.10.3 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-8061 HIGH
Linux Kernel 4.9.x-4.10.x < 4.10.7 - Denial of Service via DMA Scatterlist Handling
CVSS 7.8
CVE-2017-3863 HIGH
Cisco IOS <15.6 & Cisco IOS XE <3.18 - Buffer Overflow/DoS
CVSS 8.6
CVE-2017-3862 HIGH
Cisco IOS <15.6 - Cisco IOS XE <3.18 - Buffer Overflow/DoS
CVSS 8.6
CVE-2017-3861 HIGH
Cisco IOS <15.6 & Cisco IOS XE <3.18 - Buffer Overflow/DoS
CVSS 8.6
CVE-2017-3860 HIGH
Cisco IOS <15.6 & Cisco IOS XE <3.18 - Buffer Overflow/DoS
CVSS 8.6
CVE-2017-3808 HIGH
Cisco Unified Communications Manager - Denial of Service via SIP UDP Throttling Process
CVSS 7.5
CVE-2017-7938 MEDIUM
DMitry 1.3a - Stack-based Buffer Overflow via Long Argument
CVSS 6.6
CVE-2017-7961 HIGH
libcroco 0.6.11-0.6.12 - Denial of Service via Crafted CSS File
CVSS 7.8
CVE-2017-7853 HIGH
GNU oSIP 4.1.0 and 5.0.0 - Remote Denial of Service via Malformed SIP Message
CVSS 7.5
CVE-2017-7219 HIGH
Citrix NetScaler Gateway <11.1 - RCE
CVSS 8.8
CVE-2017-7742 MEDIUM
libsndfile <1.0.28 - Memory Corruption
CVSS 5.5
CVE-2017-7741 MEDIUM
libsndfile <1.0.28 - Memory Corruption
CVSS 5.5
CVE-2017-3065 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Corruption in Font Manipulation
CVSS 7.8
CVE-2017-3064 HIGH
Adobe Flash Player <= 25.0.0.127 - Memory Corruption via Shape Outline Parsing
CVSS 7.8
CVE-2017-3061 CRITICAL
Adobe Flash Player <= 25.0.0.127 - Memory Corruption in SWF Parser
CVSS 9.8
CVE-2017-3056 HIGH
Adobe Acrobat Reader <= 11.0.19, <= 15.006.30280, <= 15.023.20070 - Memory Corruption via JavaScript String Manipulation
CVSS 7.8
CVE-2017-3055 HIGH
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - RCE via JPEG 2000 Parsing
CVSS 7.8