CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,006 vulnerabilities with CWE-119
CVE-2016-7461
HIGH
VMware Fusion and Fusion Pro - Arbitrary Code Execution via Drag-and-Drop Function
CVSS 8.8
CVE-2016-7084
HIGH
VMware Workstation Player 12.x - Remote Code Execution via JPEG 2000 Image
CVSS 7.8
CVE-2016-7083
HIGH
VMware Workstation Pro and Player 12.x - Remote Code Execution via Cortado ThinPrint EMFSPOOL TrueType Fonts
CVSS 7.8
CVE-2016-7082
HIGH
VMware Workstation Pro and Player 12.x - Remote Code Execution via EMF File
CVSS 7.8
CVE-2016-7081
HIGH
VMware Workstation Pro and Player 12.x - Heap-Based Buffer Overflow via Cortado ThinPrint Virtual Printing
CVSS 7.8
CVE-2016-9793
HIGH
Linux Kernel 3.5-3.12.69 - Memory Corruption via Negative sk_sndbuf/sk_rcvbuf Values
CVSS 7.8
CVE-2016-7562
MEDIUM
FFmpeg < 3.1.3 - Denial of Service via Crafted AVI File
CVSS 5.5
CVE-2016-6671
HIGH
FFmpeg < 3.1.2 - Remote Code Execution via Crafted SWF File
CVSS 7.8
CVE-2016-7298
HIGH
Microsoft Office - Memory Corruption
CVSS 7.8
CVE-2016-7297
HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2016-7296
HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2016-7289
HIGH
Microsoft Publisher 2010 SP2 - Remote Code Execution or Denial of Service via Crafted Document
CVSS 7.8
CVE-2016-7288
HIGH
Microsoft Edge - Remote Code Execution via TypedArray.sort Use-After-Free
CVSS 7.5
CVE-2016-7287
HIGH
Microsoft Edge and Internet Explorer 11 - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2016-7286
HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2016-7283
HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-7279
HIGH
Microsoft Edge and Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-7277
CRITICAL
Microsoft Office 2016 - Remote Code Execution or Denial of Service via Crafted Document
CVSS 9.6
CVE-2016-7263
HIGH
Microsoft Excel for Mac 2011 and 2016 - Remote Code Execution or Denial of Service via Crafted Document
CVSS 7.8
CVE-2016-7181
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-5182
HIGH
Google Chrome < 54.0.2840.59 - Heap Corruption via Bitmap Handling
CVSS 8.8
CVE-2016-8825
HIGH
NVIDIA Windows GPU Display Driver - DoS/Privilege Escalation
CVSS 7.8
CVE-2016-8823
HIGH
NVIDIA Windows GPU Display Driver - DoS
CVSS 7.8
CVE-2016-8817
HIGH
NVIDIA Windows GPU Display Driver - Buffer Overflow
CVSS 7.8
CVE-2016-7886
CRITICAL
Adobe InDesign <= 11.4.1 and InDesign Server <= 11.0.0 - Memory Corruption
CVSS 9.8
Details
Vulnerabilities
14,006
Exploit Likelihood
High