CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,002 vulnerabilities with CWE-119
CVE-2017-2372 HIGH
Logic Pro X < 10.3 and GarageBand < 10.1.5 - Remote Code Execution via Crafted Project File
CVSS 8.8
CVE-2017-2370 HIGH
Apple <10.2.1, <10.12.3, <10.1.1, <3.1.3 - RCE/DoS
CVSS 7.8
CVE-2017-2369 HIGH
Apple <10.2.1, <10.0.3, <10.1.1 - RCE
CVSS 8.8
CVE-2017-2366 HIGH
Apple <10.2.1, <10.0.3, <6.1.1, <12.5.5 - RCE/DoS
CVSS 8.8
CVE-2017-2362 HIGH
Apple <10.2.1, <10.0.3, <10.1.1 - RCE
CVSS 8.8
CVE-2017-2358 HIGH
macOS < 10.12.3 - Memory Corruption in Graphics Drivers
CVSS 7.8
CVE-2017-2356 HIGH
Apple <10.2.1, <10.0.3, <6.1.1, <12.5.5, <10.1.1 - RCE/DoS
CVSS 8.8
CVE-2017-2355 HIGH
Apple <10.2.1, <10.0.3, <6.1.1, <12.5.5, <10.1.1 - RCE/DoS
CVSS 8.8
CVE-2017-2354 HIGH
Apple <10.2.1, <10.0.3, <6.1.1, <12.5.5, <10.1.1 - RCE/DoS
CVSS 8.8
CVE-2017-5025 MEDIUM
Google Chrome < 56.0.2924.76 - Heap Corruption via Crafted Video File
CVSS 5.5
CVE-2017-5024 MEDIUM
Google Chrome < 56.0.2924.76 - Heap Corruption via Crafted Video File
CVSS 5.5
CVE-2017-5014 MEDIUM
Google Chrome <56.0.2924.76-56.0.2924.87 - Buffer Overflow
CVSS 6.3
CVE-2017-5012 HIGH
Google Chrome <56.0.2924.76-56.0.2924.87 - Buffer Overflow
CVSS 8.8
CVE-2017-5009 HIGH
Google Chrome <56.0.2924.76-56.0.2924.87 - Heap Corruption
CVSS 8.8
CVE-2017-6010 MEDIUM
icoutils 0.31.1 - Buffer Overflow in extract_icons Function
CVSS 5.5
CVE-2017-6009 MEDIUM
icoutils 0.31.1 - Buffer Overflow in decode_ne_resource_id Function
CVSS 5.5
CVE-2017-0324 HIGH
NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscape Buffer Handling
CVSS 7.8
CVE-2017-0314 HIGH
NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via SubmitCommandVirtual DDI
CVSS 7.8
CVE-2017-0313 HIGH
NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via SubmitCommandVirtual DDI
CVSS 7.8
CVE-2017-0308 HIGH
NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscape Buffer Size Calculation
CVSS 8.8
CVE-2017-2973 CRITICAL
Adobe Digital Editions <= 4.5.3 - Heap Overflow
CVSS 9.8
CVE-2017-3807 HIGH
Cisco Adaptive Security Appliance Software 9.0-9.6 - Authenticated Heap Overflow via Clientless SSL VPN CIFS URL
CVSS 8.8
CVE-2017-0407 HIGH
Android 6.0 6.0.1 7.0 7.1.1 - Remote Code Execution in Mediaserver libhevc
CVSS 7.8
CVE-2017-0406 HIGH
Android 6.0 6.0.1 7.0 7.1.1 - Remote Code Execution in Mediaserver libhevc
CVSS 7.8
CVE-2017-0405 HIGH
Android 7.0, 7.1.1 - Remote Code Execution via Surfaceflinger Media File Processing
CVSS 7.8
Details
Vulnerabilities 14,002
Exploit Likelihood High