CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,002 vulnerabilities with CWE-119
CVE-2017-2964 HIGH
Adobe Acrobat and Reader <= 11.0.18, <= 15.006.30244, <= 15.020.20042 - Memory Corruption via JPEG EXIF Metadata Parsing
CVSS 7.8
CVE-2017-2963 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption via TIFF Color Profile Handling
CVSS 7.8
CVE-2017-2960 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption via EXIF Metadata Parsing
CVSS 7.8
CVE-2017-2959 HIGH
Adobe Acrobat/Reader <11.0.18/<15.006.30244/<15.020.20042 RCE via Color Profile Metadata
CVSS 7.8
CVE-2017-2954 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption via TIFF Image Parsing
CVSS 7.8
CVE-2017-2953 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption via TIFF Image Processing
CVSS 7.8
CVE-2017-2952 HIGH
Adobe Acrobat and Reader <= 11.0.18, <= 15.006.30244, <= 15.020.20042 - Memory Corruption via TIFF Tag Parsing
CVSS 7.8
CVE-2017-2949 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Heap Overflow in XSLT Engine
CVSS 7.8
CVE-2017-2948 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption in XFA Engine
CVSS 7.8
CVE-2017-2946 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Heap Overflow via Non-Graphic Segment Parsing
CVSS 7.8
CVE-2017-2945 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Heap Overflow via TIFF Image Parsing
CVSS 7.8
CVE-2017-2944 HIGH
Adobe Acrobat and Reader <= 11.0.18, <= 15.006.30244, < 15.020.20042 - Memory Corruption via TIFF Image Parsing
CVSS 7.8
CVE-2017-2943 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption via TIFF Tag Processing
CVSS 7.8
CVE-2017-2942 HIGH
Adobe Acrobat and Reader < 11.0.18, 15.006.30244, 15.020.20042 - Remote Code Execution via TIFF Image Parsing
CVSS 7.8
CVE-2017-2941 HIGH
Adobe Acrobat and Reader Memory Corruption via Compact Font Format Processing
CVSS 7.8
CVE-2017-2940 HIGH
Adobe Acrobat and Reader < 11.0.18, < 15.006.30244, < 15.020.20042 - Memory Corruption via JPEG 2000 File Processing
CVSS 7.8
CVE-2017-2939 HIGH
Adobe Acrobat and Reader Memory Corruption via Malformed Cross-Reference Table
CVSS 7.8
CVE-2017-0003 HIGH
Microsoft SharePoint Enterprise Server 2016 and Word 2016 - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2017-5217 MEDIUM
Samsung Mobile KK(4.4) L(5.0/5.1) M(6.0) - Denial of Service via Malicious APK Parsing
CVSS 5.5
CVE-2017-5216 MEDIUM
Netop Remote Control <12.21 - Buffer Overflow
CVSS 5.5
CVE-2016-11038 CRITICAL
Samsung Android - Arbitrary Code Execution or Privilege Escalation via Jack Audio Service Shared Memory
CVSS 9.8
CVE-2016-11035 MEDIUM
Android - Kernel Crash via fb0(DECON) Frame Buffer Interface
CVSS 5.5
CVE-2016-11045 HIGH
Android Gallery Library - Memory Corruption via Malformed Image
CVSS 7.8
CVE-2016-3182 MEDIUM
OpenJPEG < 2.1.1 - Denial of Service via Crafted JPEG 2000 File
CVSS 5.5
CVE-2016-10764 CRITICAL
Linux Kernel 4.8-<4.9.6 - Buffer Overflow in cqspi_setup_flash
CVSS 9.8
Details
Vulnerabilities 14,002
Exploit Likelihood High