CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,000 vulnerabilities with CWE-119
CVE-2017-7275 MEDIUM
ImageMagick 7.0.4.9 - Denial of Service via Crafted PCX File
CVSS 5.5
CVE-2017-6542 CRITICAL
PuTTY < 0.68 - Buffer Overflow via SSH Agent Protocol Message
CVSS 9.8
CVE-2017-6462 HIGH
NTP < 4.2.8p10 and 4.3.x < 4.3.94 - Buffer Overflow in DPTS Refclock Driver
CVSS 7.8
CVE-2017-6460 HIGH
NTP < 4.2.8p10 and 4.3.x < 4.3.94 - Stack-based Buffer Overflow via Long Flagstr in Restriction List Response
CVSS 8.8
CVE-2017-6459 MEDIUM
NTP < 4.2.8p10 and 4.3.x < 4.3.94 - Local Buffer Overflow via Null Byte Argument
CVSS 5.5
CVE-2017-6458 HIGH
NTP < 4.2.8p10 and 4.3.x < 4.3.94 - Authenticated Buffer Overflow via ctl_put* Functions
CVSS 8.8
CVE-2017-6452 HIGH
NTP < 4.2.8p10 and 4.3.x < 4.3.94 - Stack-based Buffer Overflow via Windows Installer Application Path
CVSS 7.8
CVE-2017-6957 HIGH
Broadcom Wi-Fi HardMAC SoC - Buffer Overflow
CVSS 8.1
CVE-2017-5511 CRITICAL
ImageMagick < 6.9.7-3 - Heap-Based Buffer Overflow in PSD Coder
CVSS 9.8
CVE-2017-5508 MEDIUM
ImageMagick - Heap-based Buffer Overflow in PushQuantumPixel via Crafted TIFF File
CVSS 5.5
CVE-2017-5337 CRITICAL
GnuTLS <3.3.26, <3.5.8 - Buffer Overflow
CVSS 9.8
CVE-2017-5336 CRITICAL
GnuTLS <3.3.26, <3.5.8 - Buffer Overflow
CVSS 9.8
CVE-2017-7246 HIGH
PCRE 8.40 - Stack-Based Buffer Overflow in pcre32_copy_substring
CVSS 7.8
CVE-2017-7245 HIGH
PCRE 8.40 - Stack-Based Buffer Overflow in pcre32_copy_substring
CVSS 7.8
CVE-2017-6191 HIGH
apng_disassembler < 2.8 - Remote Code Execution via Crafted Filename
CVSS 7.8
CVE-2017-3853 CRITICAL
Cisco IOx 1.0.0.0-1.1.0.0 - Unauthenticated Remote Code Execution via Crafted Packets
CVSS 9.8
CVE-2017-7231 HIGH
pngdefry <2017-03-22 - Buffer Overflow
CVSS 7.8
CVE-2017-7230 CRITICAL
Disk Sorter Enterprise <9.5.12 - RCE
CVSS 9.8
CVE-2017-7227 HIGH
GNU Binutils 2.28 - Heap-Based Buffer Overflow in ldlex.l
CVSS 7.5
CVE-2017-7223 HIGH
GNU Binutils 2.28 - Buffer Overflow
CVSS 7.5
CVE-2017-7210 MEDIUM
GNU Binutils <2.28 - Buffer Overflow
CVSS 5.5
CVE-2017-6836 MEDIUM
Audio File Library <0.3.6 - Buffer Overflow
CVSS 5.5
CVE-2017-6834 MEDIUM
Audio File Library <0.3.6 - Buffer Overflow
CVSS 5.5
CVE-2017-6832 MEDIUM
Audio File Library <0.3.6 - Buffer Overflow
CVSS 5.5
CVE-2017-6831 MEDIUM
Audio File Library <0.3.7 - Buffer Overflow
CVSS 5.5