CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,002 vulnerabilities with CWE-119
CVE-2017-6949 HIGH
CHICKEN Scheme <4.12.0 - Buffer Overflow
CVSS 8.1
CVE-2017-5505 MEDIUM
JasPer - Denial of Service via Invalid Memory Read in jas_matrix_asl
CVSS 5.5
CVE-2017-6023 CRITICAL
Fatek Ethernet Module Configuration Tool < 3.6 Build 170215 - Stack-based Buffer Overflow
CVSS 9.8
CVE-2017-5522 CRITICAL
MapServer Stack-based Buffer Overflow via WFS Get Feature Requests
CVSS 9.8
CVE-2017-6429 HIGH
Tcpreplay < 4.2.0 Beta 1 - Buffer Overflow in tcpcapinfo via Oversize Packet
CVSS 7.8
CVE-2017-5580 HIGH
virglrenderer < 0.5.0 - Denial of Service via Crafted Texture Instruction
CVSS 7.1
CVE-2017-5358 CRITICAL
EasyCom for PHP 4.0.0.29 - Buffer Overflow
CVSS 9.8
CVE-2017-6852 HIGH
JasPer < 2.0.9 - Heap-Based Buffer Overflow in jpc_dec_decodepkt
CVSS 7.8
CVE-2017-6844 HIGH
PoDoFo 0.9.4 - Buffer Overflow in PdfParser::ReadXRefSubsection
CVSS 7.8
CVE-2017-6843 HIGH
PoDoFo 0.9.4 - Heap-Based Buffer Overflow in PdfVariant::DelayedLoad
CVSS 7.8
CVE-2017-6828 HIGH
audiofile 0.3.6 - Heap-Based Buffer Overflow in FileHandle.cpp readValue Function
CVSS 7.8
CVE-2017-6827 HIGH
audiofile 0.3.6 - Heap-based Buffer Overflow in MSADPCM::initializeCoefficients
CVSS 7.8
CVE-2017-6436 MEDIUM
libplist 1.12 - Denial of Service via Crafted plist File
CVSS 5.0
CVE-2017-6435 MEDIUM
libplist - Memory Corruption via Crafted plist File
CVSS 5.0
CVE-2017-6209 MEDIUM
virglrenderer < 0.5.0 - Stack-based Buffer Overflow in TGSI Text Parser
CVSS 6.5
CVE-2017-5994 MEDIUM
virglrenderer < 0.5.0 - Heap-Based Buffer Overflow via num_elements Parameter
CVSS 5.5
CVE-2017-2997 HIGH
Adobe Flash Player <= 24.0.0.221 - Buffer Overflow in Primetime TVSDK
CVSS 8.8
CVE-2017-6596 MEDIUM
partclone 0.2.89 - Denial of Service via Heap-Based Buffer Overflow in Image Header
CVSS 5.5
CVE-2017-6506 CRITICAL
Azure Data Expert Ultimate 2.2.16 - Remote Code Execution via SMTP 220 String Buffer Overflow
CVSS 9.8
CVE-2017-6427 HIGH
EvoStream Media Server 1.7.1 - Buffer Overflow via Malicious HTTP Header
CVSS 7.5
CVE-2017-2788 CRITICAL
Pharos PopUp Printer Client 9.0 - Heap-Based Buffer Overflow via Crafted Packet
CVSS 10.0
CVE-2017-2787 CRITICAL
Pharos PopUp Printer Client 9.0 - Heap-Based Buffer Overflow via Crafted Packet
CVSS 9.0
CVE-2017-2785 CRITICAL
Pharos PopUp Printer Client 9.0 - Remote Code Execution via Crafted Packet
CVSS 10.0
CVE-2017-6465 CRITICAL
FTPShell Client 6.53 - Remote Code Execution via PWD Response Buffer Overflow
CVSS 9.8
CVE-2017-6548 CRITICAL
ASUS RT-AC53 and other ASUS routers - Remote Code Execution via Networkmap Buffer Overflow
CVSS 9.8