CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,000 vulnerabilities with CWE-119
CVE-2017-2433 HIGH
Safari < 10.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2017-2432 HIGH
Apple <10.3 - Remote Code Execution
CVSS 7.8
CVE-2017-2431 HIGH
macOS < 10.12.4 - Remote Code Execution via Crafted .mov File
CVSS 7.8
CVE-2017-2430 HIGH
Apple <10.3 - Remote Code Execution
CVSS 7.8
CVE-2017-2427 HIGH
macOS < 10.12.4 - Remote Code Execution or Denial of Service via Bluetooth Memory Corruption
CVSS 7.8
CVE-2017-2422 HIGH
macOS < 10.12.4 - Memory Corruption in Multi-Touch Component
CVSS 7.8
CVE-2017-2420 HIGH
macOS < 10.12.4 - Remote Code Execution in Bluetooth Component
CVSS 7.8
CVE-2017-2416 HIGH
Apple <10.3 - Remote Code Execution
CVSS 7.8
CVE-2017-2413 HIGH
macOS < 10.12.4 - Remote Code Execution via Crafted Media File in QuickTime
CVSS 7.8
CVE-2017-2408 HIGH
macOS < 10.12.4 - Memory Corruption in IOATAFamily
CVSS 7.8
CVE-2017-2407 HIGH
Apple <10.3 - Remote Code Execution
CVSS 7.8
CVE-2017-2406 HIGH
Apple <10.3 - Remote Code Execution
CVSS 7.8
CVE-2017-2405 HIGH
Apple <10.3 - Remote Code Execution
CVSS 8.8
CVE-2017-2401 HIGH
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Remote Code Execution or Denial of Service in Kernel
CVSS 7.8
CVE-2017-2398 HIGH
Apple iOS <10.3, macOS <10.12.4 - RCE/DoS
CVSS 7.8
CVE-2017-2396 HIGH
Apple <10.3 - Remote Code Execution
CVSS 8.8
CVE-2017-2395 HIGH
Apple <10.3 - Remote Code Execution
CVSS 8.8
CVE-2017-2394 HIGH
Apple <10.3 - Remote Code Execution
CVSS 8.8
CVE-2017-2392 HIGH
Safari < 10.1 - Remote Code Execution via Memory Corruption in WebKit
CVSS 7.8
CVE-2017-2379 HIGH
Apple <10.3 - Remote Code Execution
CVSS 7.8
CVE-2017-2377 HIGH
Safari < 10.1 and iPhone OS < 10.3 - Denial of Service via WebKit Web Inspector Window-Close Action
CVSS 7.5
CVE-2017-2775 HIGH
LabVIEW 2016 Evaluation < 16.0.0.49152 - Memory Corruption via LvVariantUnflatten
CVSS 7.5
CVE-2017-3010 CRITICAL
Adobe Acrobat and Reader <= 11.0.18, 15.006.30244, 15.020.20042 - Memory Corruption in Rendering Engine
CVSS 9.8
CVE-2017-7310 HIGH
DiskBoss < 8.9 - Buffer Overflow via Import Command XML Name Attribute
CVSS 7.8
CVE-2017-5238 MEDIUM
Eview EV-07S GPS Tracker - Memory Corruption via Input Configuration Overflow
CVSS 5.3
Details
Vulnerabilities 14,000
Exploit Likelihood High