CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-9150 CRITICAL
Palo Alto Networks PAN-OS <7.1.6 - Buffer Overflow
CVSS 9.8
CVE-2016-6457 MEDIUM
Cisco Nexus 9000 Series ACI Leaf Switches and APIC 11.2(2x)-12.0(1x) - Unauthenticated Denial of Service
CVSS 6.5
CVE-2016-4333 HIGH
HDF5 1.8.16 - Heap-Based Buffer Overflow via Malicious File
CVSS 8.6
CVE-2016-4330 HIGH
HDF5 1.8.16 - Heap-Based Buffer Overflow via Array Dimension Handling
CVSS 8.6
CVE-2016-9374 MEDIUM
Wireshark 2.0.0-2.2.1 - Buffer Overflow
CVSS 5.9
CVE-2016-8661 HIGH
Little Snitch <3.6.1 - Privilege Escalation
CVSS 8.4
CVE-2016-4095 CRITICAL
Adobe Reader/Acrobat <11.0.18-15.020.20039 - Memory Corruption
CVSS 9.8
CVE-2016-7245 HIGH
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016 - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7243 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-7242 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-7241 HIGH
Microsoft Edge and Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-7240 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-7236 HIGH
Microsoft Excel - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7235 HIGH
Excel for Mac 2011 - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7234 HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7232 HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7231 HIGH
Microsoft Excel - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7230 HIGH
Microsoft Office Web Apps 2010 SP2 - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7229 HIGH
Microsoft Excel Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7228 HIGH
Microsoft Excel Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7217 HIGH
Microsoft Windows Media Foundation - Remote Code Execution via Crafted Website
CVSS 8.8
CVE-2016-7213 HIGH
Microsoft Excel Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-7208 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-7205 HIGH
Microsoft Windows - Remote Code Execution via Animation Manager Memory Corruption
CVSS 8.8
CVE-2016-7203 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
Details
Vulnerabilities 14,008
Exploit Likelihood High