CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,004 vulnerabilities with CWE-119
CVE-2016-10054 HIGH
ImageMagick <6.9.5-8 - Buffer Overflow
CVSS 7.8
CVE-2016-10052 HIGH
ImageMagick <6.9.5.6 - Buffer Overflow
CVSS 7.8
CVE-2016-10050 HIGH
ImageMagick 6.9.4-8 - Buffer Overflow
CVSS 7.8
CVE-2016-10049 HIGH
ImageMagick <6.9.4.4 - Buffer Overflow
CVSS 7.8
CVE-2016-10046 MEDIUM
ImageMagick <6.9.5.5 - Buffer Overflow
CVSS 5.5
CVE-2016-10255 MEDIUM
elfutils < 0.167 - Denial of Service via Crafted ELF Header Values
CVSS 5.5
CVE-2016-10254 MEDIUM
elfutils < 0.167 - Denial of Service via Crafted ELF File
CVSS 5.5
CVE-2016-10253 CRITICAL
Erlang/OTP 18.x - Heap Overflow via Malformed Regular Expression Extpattern
CVSS 9.8
CVE-2016-8971 MEDIUM
IBM WebSphere MQ 8.0 - Memory Corruption
CVSS 6.5
CVE-2016-8863 CRITICAL
Portable UPnP SDK <1.6.21 - Buffer Overflow
CVSS 9.8
CVE-2016-10040 MEDIUM
Qt QXmlSimpleReader - Stack-based Buffer Overflow via Nested XML Tags
CVSS 5.5
CVE-2016-7970 HIGH
Fedora < 0.13.3 - Memory Corruption
CVSS 7.5
CVE-2016-10067 HIGH
ImageMagick < 6.9.4-4 - Denial of Service via Exception Handling Buffer Overflow
CVSS 7.5
CVE-2016-10064 HIGH
ImageMagick <6.9.5-1 - Buffer Overflow
CVSS 7.8
CVE-2016-10063 HIGH
ImageMagick <6.9.5.1 - Buffer Overflow
CVSS 7.8
CVE-2016-9823 MEDIUM
libav 11.8 - Denial of Service via Crafted File in libavcodec/x86/mpegvideo.c
CVSS 5.5
CVE-2016-10095 MEDIUM
LibTIFF 4.0.0alpha4-4.0.8 - Stack-based Buffer Overflow in _TIFFVGetField
CVSS 5.5
CVE-2016-10093 HIGH
LibTIFF 3.9.3-4.0.7 - Heap-Based Buffer Overflow via Crafted Image
CVSS 7.8
CVE-2016-10092 HIGH
LibTIFF 3.9.3-4.0.6 - Heap-based Buffer Overflow in readContigStripsIntoBuffer
CVSS 7.8
CVE-2016-10207 HIGH
Opensuse Leap - Memory Corruption
CVSS 7.5
CVE-2016-8715 HIGH
Iceni Argus <6.6.05 - Memory Corruption
CVSS 7.8
CVE-2016-4492 MEDIUM
libiberty - Buffer Overflow in do_type Function
CVSS 4.4
CVE-2016-4491 MEDIUM
GNU libiberty - Denial of Service via Crafted Binary in d_print_comp
CVSS 5.5
CVE-2016-2226 HIGH
GNU libiberty - Remote Code Execution via Integer Overflow in cplus-dem.c
CVSS 7.8
CVE-2016-8998 HIGH
IBM Tivoli Storage Manager Server 7.1 - Code Injection
CVSS 7.2
Details
Vulnerabilities 14,004
Exploit Likelihood High