CWE-119

Exploit likelihood: High

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,002 vulnerabilities with CWE-119
CVE-2017-5548 HIGH
Linux Kernel 4.9.x < 4.9.6 - Denial of Service via ATUSB Driver DMA Scatterlist Handling
CVSS 7.8
CVE-2017-5547 HIGH
Linux Kernel 4.4-4.4.45 - Denial of Service via HID Corsair Driver DMA Scatterlist Handling
CVSS 7.8
CVE-2017-3824 MEDIUM
Cisco IOS XE 15.5(3)S 15.6(1)S - Unauthenticated Denial of Service via List Header Handling
CVSS 6.8
CVE-2017-3790 HIGH
Cisco Expressway Series/Cisco VCS - DoS
CVSS 8.6
CVE-2017-3823 HIGH
Cisco WebEx Chrome Extension RCE (CVE-2017-3823)
CVSS 8.8
CVE-2017-5486 CRITICAL
tcpdump < 4.8.1 - Buffer Overflow in ISO CLNS Parser
CVSS 9.8
CVE-2017-5485 CRITICAL
tcpdump < 4.8.1 - Buffer Overflow in ISO CLNS Parser
CVSS 9.8
CVE-2017-5484 CRITICAL
tcpdump < 4.8.1 - Buffer Overflow in ATM Parser
CVSS 9.8
CVE-2017-5483 CRITICAL
tcpdump < 4.8.1 - Buffer Overflow in SNMP Parser
CVSS 9.8
CVE-2017-5482 CRITICAL
tcpdump < 4.8.1 - Buffer Overflow in Q.933 Parser
CVSS 9.8
CVE-2017-5342 CRITICAL
tcpdump < 4.8.1 - Buffer Overflow in Ethernet Frame Printer
CVSS 9.8
CVE-2017-5341 CRITICAL
tcpdump < 4.8.1 - Buffer Overflow in OTV Parser
CVSS 9.8
CVE-2017-5205 CRITICAL
tcpdump < 4.9.0 - Buffer Overflow in ISAKMP Parser
CVSS 9.8
CVE-2017-5204 CRITICAL
tcpdump < 4.9.0 - Buffer Overflow in IPv6 Parser
CVSS 9.8
CVE-2017-5203 CRITICAL
tcpdump < 4.9.0 - Buffer Overflow in BOOTP Parser
CVSS 9.8
CVE-2017-5202 CRITICAL
tcpdump < 4.9.0 - Buffer Overflow in ISO CLNS Parser
CVSS 9.8
CVE-2017-5495 HIGH
Quagga 0.93-1.1.0 - Unauthenticated Denial of Service via Telnet VTY Input Buffer
CVSS 7.5
CVE-2017-2972 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption via JPEG Image Parsing
CVSS 7.8
CVE-2017-2971 HIGH
Adobe Acrobat and Reader <= 11.0.18, <= 15.006.30244, <= 15.020.20042 - Heap Overflow in JPEG Decoder
CVSS 7.8
CVE-2017-2970 HIGH
Adobe Acrobat and Reader <= 11.0.18, <= 15.006.30244, <= 15.020.20042 - Heap Overflow via XSLT Template Manipulation
CVSS 7.8
CVE-2017-5364 HIGH
Foxit PDF Toolkit 1.3 - Memory Corruption via Crafted PDF File
CVSS 7.8
CVE-2017-5225 HIGH
libtiff 4.0.7 - Heap Buffer Overflow via Crafted BitsPerSample Value
CVSS 8.8
CVE-2017-2967 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption in XFA Engine
CVSS 7.8
CVE-2017-2966 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Heap Overflow via TIFF Image Parsing
CVSS 7.8
CVE-2017-2965 HIGH
Adobe Acrobat and Reader < 11.0.18, 15.006.30244, 15.020.20042 - Memory Corruption via TIFF Parsing
CVSS 7.8
Details
Vulnerabilities: 14,002
Exploit Likelihood: High