CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-4395 HIGH
HPE System Management Homepage <7.6 - Buffer Overflow
CVSS 7.5
CVE-2016-8335 HIGH
Iceni Argus <6.6.04 - Buffer Overflow
CVSS 8.8
CVE-2016-8333 HIGH
Iceni Argus 6.6.04 - Buffer Overflow
CVSS 8.8
CVE-2016-8598 CRITICAL
libcsp < 1.4 - Buffer Overflow via ZMQ Interface
CVSS 9.8
CVE-2016-8597 CRITICAL
libcsp < 1.4 - Buffer Overflow via Crafted SFP Packets
CVSS 9.8
CVE-2016-8596 CRITICAL
libcsp < 1.4 - Buffer Overflow via Long CSP Packet
CVSS 9.8
CVE-2016-8332 HIGH
OpenJPEG 2.1.1 - Remote Code Execution via Crafted JPEG2000 Image
CVSS 7.5
CVE-2016-6432 HIGH
Cisco Adaptive Security Appliance Software - Remote Code Execution via Crafted NetBIOS Packet
CVSS 8.1
CVE-2016-5764 HIGH
Micro Focus Rumba FTP <4.5 - Buffer Overflow
CVSS 8.8
CVE-2016-7854 CRITICAL
Adobe Acrobat/Reader < 11.0.18, DC Classic < 15.006.30243, DC Continuous < 15.020.20039 - RCE/DoS via Memory Corruption
CVSS 9.8
CVE-2016-7853 CRITICAL
Adobe Acrobat/Reader < 11.0.18, DC < 15.006.30243, DC Continuous < 15.020.20039 - RCE/DoS via Memory Corruption
CVSS 9.8
CVE-2016-7852 CRITICAL
Adobe Acrobat/Reader < 11.0.18, DC Classic < 15.006.30243, DC Continuous < 15.020.20039 - RCE/DoS via Memory Corruption
CVSS 9.8
CVE-2016-8658 MEDIUM
Linux Kernel < 4.7.5 - Stack-Based Buffer Overflow in brcmf_cfg80211_start_ap via Long SSID
CVSS 6.1
CVE-2016-7425 HIGH
Linux Kernel < 3.2.84 - Local Privilege Escalation via ARCMSR_MESSAGE_WRITE_WQBUFFER Buffer Overflow
CVSS 7.8
CVE-2016-7042 MEDIUM
Linux Kernel < 4.8.2 - Denial of Service via /proc/keys Buffer Overflow
CVSS 6.2
CVE-2016-7194 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-7193 HIGH KEV
Microsoft Office - Remote Code Execution via Crafted RTF Document
CVSS 7.8
CVE-2016-7190 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-7189 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine
CVSS 7.5
CVE-2016-3390 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2016-3389 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-3386 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-3385 HIGH
Internet Explorer 9-11 - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2016-3384 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3383 HIGH
Microsoft Internet Explorer 10 and 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
Details
Vulnerabilities 14,008
Exploit Likelihood High