CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,004 vulnerabilities with CWE-119
CVE-2016-9831
HIGH
libming < 0.4.7 - Heap-Based Buffer Overflow in parseSWF_RGBA Function
CVSS 7.8
CVE-2016-9829
HIGH
libming < 0.4.7 - Heap-Based Buffer Overflow in parseSWF_DEFINEFONT Function
CVSS 7.8
CVE-2016-9827
MEDIUM
libming < 0.4.7 - Denial of Service via Crafted SWF File in _iprintf Function
CVSS 5.5
CVE-2016-9773
MEDIUM
ImageMagick 7.0.3.8 - Heap-Based Buffer Overflow in IsPixelGray Function
CVSS 5.5
CVE-2016-8866
HIGH
ImageMagick <7.0.3.8 - Memory Corruption
CVSS 8.8
CVE-2016-8862
HIGH
ImageMagick <7.0.3.3 - Memory Corruption
CVSS 8.8
CVE-2016-8687
HIGH
libarchive 3.2.1 - Denial of Service via Crafted Non-Printable Multibyte Character in Filename
CVSS 7.5
CVE-2016-8684
HIGH
GraphicsMagick 1.3.25 - Memory Corruption
CVSS 7.8
CVE-2016-8683
HIGH
GraphicsMagick 1.3.25 - Memory Corruption
CVSS 7.8
CVE-2016-6832
MEDIUM
libav < 11.3 - Heap-Based Buffer Overflow in ff_audio_resample
CVSS 5.5
CVE-2016-9363
HIGH
Moxa NPort Series - Unauthenticated Remote Code Execution via Buffer Overflow
CVSS 7.3
CVE-2016-8377
HIGH
Fatek Automation PLC WinProladder <3.11 Build 14701 - Buffer Overflow
CVSS 8.0
CVE-2016-8364
CRITICAL
IBHsoftec S7-SoftPLC <4.12b - Memory Corruption
CVSS 9.8
CVE-2016-8352
CRITICAL
Schneider Electric ConneXium - Buffer Overflow
CVSS 10.0
CVE-2016-5805
HIGH
Delta Electronics WPLSoft <V2.42.11 - Buffer Overflow
CVSS 7.8
CVE-2016-5798
HIGH
Fatek PM Designer V3 <2.1.2.2 - Buffer Overflow
CVSS 7.5
CVE-2016-5796
HIGH
Fatek Automation PM Designer V3 <2.1.2.2 - Code Injection
CVSS 8.8
CVE-2016-2148
CRITICAL
BusyBox < 1.25.0 - Heap-Based Buffer Overflow in DHCP Client via OPTION_6RD Parsing
CVSS 9.8
CVE-2016-10192
CRITICAL
FFmpeg < 2.8.10, 3.0.x < 3.0.5, 3.1.x < 3.1.6, 3.2.x < 3.2.2 - Remote Code Execution via Chunk Size Mismatch
CVSS 9.8
CVE-2016-10191
CRITICAL
FFmpeg < 2.8.10, 3.0.x < 3.0.5, 3.1.x < 3.1.6, 3.2.x < 3.2.2 - Remote Code Execution via RTMP Packet Size Mismatch
CVSS 9.8
CVE-2016-10190
CRITICAL
FFmpeg < 2.8.10, 3.0.x < 3.0.5, 3.1.x < 3.1.6, 3.2.x < 3.2.2 - RCE via Negative Chunk Size
CVSS 9.8
CVE-2016-1504
HIGH
dhcpcd < 6.9.4 - Denial of Service via Invalid Option Length
CVSS 7.5
CVE-2016-7800
HIGH
GraphicsMagick < 1.3.25 - Denial of Service via Crafted 8BIM Chunk
CVSS 7.5
CVE-2016-7447
CRITICAL
GraphicsMagick < 1.3.25 - Heap-Based Buffer Overflow in EscapeParenthesis
CVSS 9.8
CVE-2016-7446
CRITICAL
GraphicsMagick 1.3.24 - Buffer Overflow in MVG and SVG Rendering
CVSS 9.8
Details
Vulnerabilities
14,004
Exploit Likelihood
High