CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,004 vulnerabilities with CWE-119
CVE-2016-1245 CRITICAL
Quagga <1.0.20161017 - Buffer Overflow
CVSS 9.8
CVE-2016-9400 CRITICAL
Teeworlds < 0.6.4 - Remote Code Execution via Snap Handling
CVSS 9.8
CVE-2016-7663 CRITICAL
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution via Crafted String
CVSS 9.8
CVE-2016-7659 HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution via Crafted Audio File
CVSS 8.8
CVE-2016-7658 HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution via Crafted Audio File
CVSS 8.8
CVE-2016-7656 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7654 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7652 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iTunes < 12.5.4, iCloud < 6.1 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7649 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution in WebKit
CVSS 8.8
CVE-2016-7648 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7646 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7645 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7642 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7641 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7640 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7639 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7637 HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Kernel Memory Corruption
CVSS 7.8
CVE-2016-7635 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7632 HIGH
iPhone OS < 10.2, Safari < 10.0.2, iCloud < 6.1, iTunes < 12.5.4 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2016-7629 HIGH
macOS < 10.12.2 - Remote Code Execution in kext tools
CVSS 7.8
CVE-2016-7626 HIGH
Apple Iphone OS < 10.2 - Memory Corruption
CVSS 8.8
CVE-2016-7622 HIGH
macOS < 10.12.2 - Remote Code Execution via Crafted .gcx File
CVSS 7.8
CVE-2016-7618 HIGH
macOS < 10.12.2 - Remote Code Execution or Denial of Service via Crafted .gcx File
CVSS 7.8
CVE-2016-7616 HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Remote Code Execution or Denial of Service in Disk Images
CVSS 7.8
CVE-2016-7612 HIGH
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Kernel Memory Corruption
CVSS 7.8
Details
Vulnerabilities 14,004
Exploit Likelihood High