CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,000 vulnerabilities with CWE-119
CVE-2017-6830 MEDIUM
Audio File Library <0.3.6 - Buffer Overflow
CVSS 5.5
CVE-2017-7187 HIGH
Linux kernel <4.10.4 - Buffer Overflow
CVSS 7.8
CVE-2017-7186 HIGH
PCRE 8.40 and PCRE2 10.23 - Denial of Service via Invalid Unicode Property Lookup
CVSS 7.5
CVE-2017-3879 MEDIUM
Cisco NX-OS on Nexus 9000 Series Switches - Unauthenticated Denial of Service via Remote Login
CVSS 5.3
CVE-2017-3878 MEDIUM
Cisco NX-OS on Nexus 9000 Series Switches - Unauthenticated Denial of Service via Telnet Login
CVSS 5.3
CVE-2017-3870 MEDIUM
Cisco Web Security Appliance - URL Filter Bypass via Email Scanning
CVSS 5.8
CVE-2017-6880 CRITICAL
Cerberus FTP Server <8.0.10.3 - Buffer Overflow
CVSS 9.8
CVE-2017-6965 MEDIUM
GNU Binutils <2.28 - Buffer Overflow
CVSS 5.5
CVE-2017-0151 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0150 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0138 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0137 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0136 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0134 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0133 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0132 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0131 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0130 HIGH
Internet Explorer 9-11 - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-0108 HIGH
Microsoft Live Meeting - Memory Corruption
CVSS 7.8
CVE-2017-0103 HIGH
Microsoft Windows Privilege Escalation via Registry Object Mishandling
CVSS 7.0
CVE-2017-0102 HIGH
Windows Privilege Escalation via Improper Memory Buffer Length Validation
CVSS 7.8
CVE-2017-0101 HIGH KEV
Microsoft Windows - Local Privilege Escalation via Transaction Manager Kernel Driver
CVSS 7.8
CVE-2017-0094 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0090 HIGH
Microsoft Windows Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1 - Remote Code Execution via Uniscribe
CVSS 8.8
CVE-2017-0089 HIGH
Microsoft Windows Uniscribe - Remote Code Execution via Crafted Website
CVSS 8.8
Details
Vulnerabilities 14,000
Exploit Likelihood High