CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,002 vulnerabilities with CWE-119
CVE-2016-5800 HIGH
Fatek Automation PM Designer <2.1.2.2 - Buffer Overflow
CVSS 7.5
CVE-2016-7576 HIGH
iPhone OS < 9.3.3 - Memory Corruption in Kernel
CVSS 7.8
CVE-2016-2123 HIGH
Samba 4.0.0-4.5.2 - Authenticated Memory Corruption via LDAP dnsRecord Attribute
CVSS 8.8
CVE-2016-4404 CRITICAL
HP KeyView < 11.2 - Remote Code Execution via Memory Allocation Issue
CVSS 9.8
CVE-2016-4403 CRITICAL
HP KeyView < 11.2 - Remote Code Execution via Memory Corruption in Filter SDK
CVSS 9.8
CVE-2016-4402 CRITICAL
HP KeyView < 11.2 - Remote Code Execution via Buffer Overflow in Filter SDK
CVSS 9.8
CVE-2016-8654 HIGH
jasper < 2.0.0 - Heap-Based Buffer Overflow in QMFB JPC Codec
CVSS 7.8
CVE-2016-9581 LOW
OpenJPEG 2.1.2 - Heap Buffer Overflow in convert_32s_C1P1
CVSS 3.3
CVE-2016-9597 HIGH
Ubuntu Linux - Denial of Service via Stack Overflow in libxml2
CVSS 7.5
CVE-2016-9603 MEDIUM
QEMU < 2.9.0 - Heap Buffer Overflow in Cirrus CLGD 54xx VGA Emulator
CVSS 5.5
CVE-2016-9577 HIGH
spice < 0.13.90 - Authenticated Heap Overflow via Crafted Protocol Messages
CVSS 7.5
CVE-2016-6563 CRITICAL
D-Link DIR Routers - Stack-Based Buffer Overflow via Malformed SOAP HNAP Login Action
CVSS 9.8
CVE-2016-6559 CRITICAL
FreeBSD - Memory Corruption in link_ntoa() Function
CVSS 9.8
CVE-2016-9897 HIGH
Redhat Enterprise Linux Server < 50.1 - Memory Corruption
CVSS 7.5
CVE-2016-9894 HIGH
Firefox < 50.1 - Buffer Overflow in SkiaGl GrGLBuffer Allocation
CVSS 7.5
CVE-2016-9893 CRITICAL
Debian Linux < 45.6.0 - Memory Corruption
CVSS 9.8
CVE-2016-9080 CRITICAL
Firefox < 50.1 - Memory Corruption
CVSS 9.8
CVE-2016-9066 HIGH
Thunderbird <45.5-Firefox <50 - Buffer Overflow
CVSS 7.5
CVE-2016-5296 HIGH
Firefox < 45.5.0 - Heap Buffer Overflow via SVG Content Processing
CVSS 7.5
CVE-2016-5290 CRITICAL
Firefox < 50 and Firefox ESR < 45.5 - Memory Corruption
CVSS 9.8
CVE-2016-5289 CRITICAL
Firefox < 50.0 - Memory Corruption and Remote Code Execution
CVSS 9.8
CVE-2016-10523 HIGH
mqtt-packet < 3.4.6 - Denial of Service via Crafted MQTT Packets
CVSS 7.5
CVE-2016-10518 HIGH
WS < 1.0.1 - Memory Corruption
CVSS 7.5
CVE-2016-10722 CRITICAL
partclone < 0.2.88 - Heap-Based Buffer Overflow via FAT Superblock Validation
CVSS 9.8
CVE-2016-10721 CRITICAL
partclone 0.2.87 - Heap-Based Buffer Overflow via Image Header Validation
CVSS 9.8
Details
Vulnerabilities 14,002
Exploit Likelihood High