CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,002 vulnerabilities with CWE-119
CVE-2016-7820 HIGH
I-O DATA TS-WRLP and TS-WRLA < 1.01.02 - Authenticated Buffer Overflow
CVSS 7.2
CVE-2016-4973 HIGH
GNU libssp - Buffer Overflow via Missing Object Size Checking
CVSS 7.8
CVE-2016-3077 MEDIUM
oVirt Engine - Denial of Service via VersionMapper.fromKernelVersionString
CVSS 6.5
CVE-2016-10377 HIGH
Openvswitch - Memory Corruption
CVSS 8.8
CVE-2016-10375 CRITICAL
yodl < 3.06.00 - Buffer Over-read in queue_push Function
CVSS 9.8
CVE-2016-10239 HIGH
Android - Buffer Overflow and Buffer Over-Read via TrustZone Access Control Policy Bypass
CVSS 7.8
CVE-2016-10350 MEDIUM
libarchive 3.2.2 - Denial of Service via Crafted CAB File
CVSS 5.5
CVE-2016-10349 MEDIUM
libarchive 3.2.2 - Denial of Service via Heap-Based Buffer Over-Read in archive_le32dec
CVSS 5.5
CVE-2016-8030 MEDIUM
McAfee VirusScan Enterprise <8.8 - Memory Corruption
CVSS 4.3
CVE-2016-6915 HIGH
NVIDIA Shield Tablet Firmware < 4.3.0 - Stack-based Buffer Overflow in nvhost_job.c
CVSS 7.8
CVE-2016-6917 HIGH
NVIDIA Shield Tablet Firmware < 4.3.0, Shield Tablet TK1 Firmware < 1.4.0, Shield TV Firmware < 3.2 - Buffer Overflow
CVSS 7.8
CVE-2016-3076 MEDIUM
Pillow 2.5.0-3.1.1 - Heap-Based Buffer Overflow in j2k_encode_entry
CVSS 5.5
CVE-2016-1558 CRITICAL
D-Link DAP-2310/2330/2360/2553/2660/2690/2695/3320/3662 Buffer Overflow via dlink_uid Cookie
CVSS 9.8
CVE-2016-10091 HIGH
unrtf 0.21.9 - Stack-Based Buffer Overflow in cmd_expand, cmd_emboss, or cmd_engrave Functions
CVSS 7.5
CVE-2016-4650 HIGH
iPhone OS < 9.3.2, macOS < 10.11.5, tvOS < 9.2.1 - Remote Code Execution via IOHIDFamily Heap Overflow
CVSS 7.8
CVE-2016-4293 HIGH
Hancom Office 2014 VP - Buffer Overflow
CVSS 7.8
CVE-2016-3036 HIGH
IBM Cognos TM1 10.1-10.2 - Denial of Service via Stack-Based Buffer Overflow
CVSS 7.5
CVE-2016-10326 HIGH
GNU oSIP 4.1.0 - Denial of Service via Heap Buffer Overflow in osip_body_to_str
CVSS 7.5
CVE-2016-10325 HIGH
GNU oSIP 4.1.0 - Remote Denial of Service via Malformed SIP Message
CVSS 7.5
CVE-2016-10324 CRITICAL
GNU oSIP 4.1.0 - Heap Buffer Overflow via Malformed SIP Message
CVSS 9.8
CVE-2016-9958 HIGH
Opensuse Leap < 0.6.0 - Memory Corruption
CVSS 7.8
CVE-2016-9957 HIGH
Opensuse Leap < 0.6.0 - Memory Corruption
CVSS 7.8
CVE-2016-6808 CRITICAL
Apache Tomcat JK Connector < 1.2.42 - Buffer Overflow
CVSS 9.8
CVE-2016-4459 HIGH
mod_cluster - Stack-based Buffer Overflow in mod_manager/node.c
CVSS 7.5
CVE-2016-10311 CRITICAL
SAP NetWeaver 7.0-7.5 - Denial of Service via SAPSTARTSRV Port Crafted Packet
CVSS 9.8
Details
Vulnerabilities 14,002
Exploit Likelihood High