CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,002 vulnerabilities with CWE-119
CVE-2016-10425 CRITICAL
Qualcomm MDM9206 and Snapdragon Firmware - Buffer Overflow via GPT Listener Response
CVSS 9.8
CVE-2016-10420 MEDIUM
Qualcomm Snapdragon Mobile and Wear Firmware - Denial of Service via FLV Playback Seek Table Handling
CVSS 5.5
CVE-2016-10419 CRITICAL
Qualcomm Snapdragon Mobile Firmware - Memory Corruption via Uninitialized Scheduler Object
CVSS 9.8
CVE-2016-10410 CRITICAL
Qualcomm MDM9206 and Snapdragon Firmware - Buffer Overflow in RTP during VoLTE Call
CVSS 9.8
CVE-2016-10393 CRITICAL
Android - Buffer Overflow via Large Clip Size Integer Arithmetic
CVSS 9.8
CVE-2016-8783 HIGH
Huawei H60 <H60-L02_6.12.16 - Memory Corruption
CVSS 7.8
CVE-2016-5179 CRITICAL
Chrome OS < 53.0.2785.144 - Remote Code Execution
CVSS 9.8
CVE-2016-8512 CRITICAL
HPE LoadRunner & Performance Center - RCE
CVSS 9.8
CVE-2016-10713 MEDIUM
GNU patch < 2.7.6 - Denial of Service via Crafted Input File
CVSS 5.5
CVE-2016-6169 HIGH
Foxit Reader & PhantomPDF <7.3.4.311 - Buffer Overflow
CVSS 7.8
CVE-2016-2541 MEDIUM
Audacity < 2.1.2 - Denial of Service via Crafted MP2 File
CVSS 5.5
CVE-2016-2540 MEDIUM
Audacity < 2.1.2 - Denial of Service via Crafted FORMATCHUNK Structure
CVSS 5.5
CVE-2016-5345 HIGH
Android - Buffer Overflow in Qualcomm Radio Driver
CVSS 7.0
CVE-2016-1254 HIGH
Tor < 0.2.8.12 - Denial of Service via Crafted Hidden Service Descriptor
CVSS 7.5
CVE-2016-10504 MEDIUM
OpenJPEG < 2.2.0 - Heap-Based Buffer Overflow in opj_mqc_byteout
CVSS 6.5
CVE-2016-5871 CRITICAL
Qualcomm Android CAF - Integer Overflow to Buffer Overflow in Image File Loading
CVSS 9.8
CVE-2016-10392 CRITICAL
Google Android - Memory Corruption
CVSS 9.8
CVE-2016-10389 HIGH
Qualcomm Android CAF - Memory Corruption via NAND Partition Flashing
CVSS 7.8
CVE-2016-10343 CRITICAL
Qualcomm Android CAF - Memory Leak via SSL Handshake Failure
CVSS 9.8
CVE-2016-6817 HIGH
Apache Tomcat 8.5.0-8.5.6 and 9.0.0.M1-9.0.0.M11 - Denial of Service via HTTP/2 Header Parser
CVSS 7.5
CVE-2016-10402 HIGH
Avira Antivirus < 8.3.36.59 - Remote Code Execution via PE Section Header Integer Overflow
CVSS 7.8
CVE-2016-10395 HIGH
FlexNet Publisher < 11.14.1.1 - Out-of-Bounds Memory Read via Named Pipe
CVSS 7.8
CVE-2016-10342 HIGH
Android - Buffer Overflow in Syscall Handler
CVSS 7.8
CVE-2016-10340 HIGH
Android - Buffer Overflow via Integer Underflow in Syscall Handler
CVSS 7.8
CVE-2016-7837 HIGH
BlueZ < 5.41 - Buffer Overflow via parse_line Function
CVSS 7.8
Details
Vulnerabilities 14,002
Exploit Likelihood High