CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,006 vulnerabilities with CWE-119
CVE-2016-9298 MEDIUM
ImageMagick <6.9.6-4, <7.0.3-6 - Buffer Overflow
CVSS 5.5
CVE-2016-8411 CRITICAL
Android - Buffer Overflow in QMI QOS TLV Processing
CVSS 9.8
CVE-2016-9307 CRITICAL
Autodesk FBX-SDK <2017.1 - Buffer Overflow
CVSS 9.8
CVE-2016-9306 CRITICAL
Autodesk FBX-SDK <2017.1 - Buffer Overflow
CVSS 9.8
CVE-2016-9304 HIGH
Autodesk FBX-SDK <2017.1 - Buffer Overflow
CVSS 8.8
CVE-2016-9303 CRITICAL
Autodesk FBX-SDK <2017.1 - Buffer Overflow
CVSS 9.8
CVE-2016-7567 CRITICAL
OpenSLP 2.0 - Buffer Overflow in SLPFoldWhiteSpace
CVSS 9.8
CVE-2016-6920 HIGH
FFmpeg < 3.1.2 - Heap-Based Buffer Overflow in EXR Decoder
CVSS 7.5
CVE-2016-5873 CRITICAL
pecl_http < 3.0.1 - Remote Code Execution via HTTP URL Parsing Buffer Overflow
CVSS 9.8
CVE-2016-3147 CRITICAL
Landesk Management Suite < 10.0.0.271 - Buffer Overflow via Large Packet
CVSS 9.8
CVE-2016-5321 MEDIUM
Opensuse < 4.0.6 - Memory Corruption
CVSS 6.5
CVE-2016-5319 MEDIUM
libtiff < 4.0.6 - Heap-Based Buffer Overflow in tif_packbits.c
CVSS 6.5
CVE-2016-5318 MEDIUM
libtiff < 4.0.6 - Stack-based Buffer Overflow in _TIFFVGetField
CVSS 6.5
CVE-2016-5317 MEDIUM
libtiff - Buffer Overflow in PixarLogDecode Function
CVSS 6.5
CVE-2016-5200 HIGH
Google Chrome < 54.0.2840.87 - Remote Code Execution via V8 Type Confusion
CVSS 8.8
CVE-2016-5199 HIGH
Google Chrome < 54.0.2840.87 - Heap Buffer Overflow via Crafted Video File
CVSS 8.8
CVE-2016-9679 CRITICAL
Citrix Provisioning Services - Remote Code Execution via Function Pointer Overwrite
CVSS 9.8
CVE-2016-9676 CRITICAL
Citrix Provisioning Services < 7.12 - Buffer Overflow
CVSS 9.8
CVE-2016-9844 MEDIUM
Info-Zip UnZip 6.0 - Denial of Service via Large Compression Method Value in Central Directory File Header
CVSS 4.0
CVE-2016-7996 CRITICAL
GraphicsMagick <1.3.25 - Buffer Overflow
CVSS 9.8
CVE-2016-7564 HIGH
Artifex MuJS - Heap-Based Buffer Overflow in Fp_toString
CVSS 7.5
CVE-2016-2233 HIGH
HexChat 2.10.2 - Denial of Service via CAP LS Message Buffer Overflow
CVSS 7.5
CVE-2016-2090 CRITICAL
Fedora < 0.8.2 - Memory Corruption
CVSS 9.8
CVE-2016-8459 CRITICAL
Android Kernel <3.18 - Buffer Overflow
CVSS 9.8
CVE-2016-8441 HIGH
Android Kernel <3.18 - Buffer Overflow
CVSS 7.8
Details
Vulnerabilities 14,006
Exploit Likelihood High