CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,000 vulnerabilities with CWE-119
CVE-2017-0106 HIGH
Microsoft Outlook 2010 SP2, 2013 SP1, 2016 - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2017-0093 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-7617 HIGH
Asterisk Open Source <14.3.1 - Buffer Overflow
CVSS 8.8
CVE-2017-7593 MEDIUM
LibTIFF 4.0.7 - Information Disclosure via Uninitialized Memory in tif_read.c
CVSS 5.5
CVE-2017-0548 MEDIUM
Android 7.0, 7.1.1 - Denial of Service via Crafted File in libskia
CVSS 5.5
CVE-2017-0543 HIGH
Android 6.0, 6.0.1, 7.0, 7.1.1 - Remote Code Execution in libavc via Crafted Media File
CVSS 7.8
CVE-2017-0542 HIGH
Android 6.0, 6.0.1, 7.0, 7.1.1 - Remote Code Execution in libavc via Crafted Media File
CVSS 7.8
CVE-2017-0541 HIGH
Android 4.4.4-7.1.1 - Remote Code Execution via Crafted Media File in sonivox
CVSS 7.8
CVE-2017-0540 HIGH
Android 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 - Remote Code Execution via libhevc Memory Corruption
CVSS 7.8
CVE-2017-0539 HIGH
Android 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 - Remote Code Execution via libhevc Memory Corruption
CVSS 7.8
CVE-2017-0538 HIGH
Android 6.0, 6.0.1, 7.0, 7.1.1 - Remote Code Execution in libavc via Crafted Media File
CVSS 7.8
CVE-2017-7586 MEDIUM
libsndfile <1.0.28 - Buffer Overflow
CVSS 5.5
CVE-2017-7585 MEDIUM
libsndfile <1.0.28 - Buffer Overflow
CVSS 5.5
CVE-2017-7584 HIGH
Foxit PDF Toolkit < 2.0 - Memory Corruption via Crafted PDF File
CVSS 7.8
CVE-2017-7578 HIGH
libming 0.4.7 - Heap-Based Buffer Overflow in parser.c
CVSS 7.8
CVE-2017-6975 MEDIUM
Apple iOS <10.3.1 - Buffer Overflow
CVSS 6.8
CVE-2017-6956 HIGH
Broadcom Wi-Fi HardMAC SoC - Buffer Overflow
CVSS 8.8
CVE-2017-7407 LOW
curl 7.53.1 - Heap-Based Buffer Over-Read via --write-out Argument
CVSS 2.4
CVE-2017-6448 HIGH
radare2 1.2.1 - Stack-Based Buffer Overflow in Dalvik Disassembler
CVSS 7.8
CVE-2017-6194 HIGH
radare2 1.2.1 - Heap-Based Buffer Overflow in relocs Function
CVSS 7.8
CVE-2017-5950 MEDIUM
yaml-cpp 0.5.3 - Denial of Service via Crafted YAML File
CVSS 5.5
CVE-2017-2490 HIGH
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Remote Code Execution or Denial of Service in Kernel
CVSS 7.8
CVE-2017-2487 HIGH
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Remote Code Execution via Crafted Font File
CVSS 7.8
CVE-2017-2483 HIGH
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Kernel Buffer Overflow via Crafted App
CVSS 7.8
CVE-2017-2482 HIGH
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Remote Code Execution via Kernel Buffer Overflow
CVSS 7.8