CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-4737 HIGH
Safari < 10.0 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4736 HIGH
macOS < 10.11.6 - Memory Corruption in libarchive
CVSS 8.8
CVE-2016-4735 HIGH
Safari < 10.0 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4734 CRITICAL
Safari < 10.0 - Remote Code Execution via Memory Corruption
CVSS 9.6
CVE-2016-4733 HIGH
Safari < 10.0 - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2016-4731 HIGH
Safari < 9.1.3 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4730 HIGH
Safari < 10.0 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4729 HIGH
Safari < 9.1.3 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4727 HIGH
Apple macOS X < 10.11.6 - Memory Corruption in IOThunderboltFamily
CVSS 7.8
CVE-2016-4726 HIGH
watchOS < 3.0 - Remote Code Execution via Memory Corruption in IOAcceleratorFamily
CVSS 7.8
CVE-2016-4725 HIGH
Apple iOS <10.0, macOS <10.12.0, tvOS <10.0, watchOS <3.0 - Memory Corruption via IOAcceleratorFamily
CVSS 8.1
CVE-2016-4723 HIGH
macOS < 10.11.6 - Remote Code Execution via Intel Graphics Driver
CVSS 7.8
CVE-2016-4718 MEDIUM
Apple iPhone OS < 10.0, macOS < 10.12.0, tvOS < 10.0, watchOS < 3.0 - Buffer Overflow in FontParser
CVSS 6.5
CVE-2016-4703 HIGH
macOS < 10.11.6 - Remote Code Execution via Bluetooth
CVSS 7.8
CVE-2016-4702 CRITICAL
Apple iOS < 10, macOS < 10.12, tvOS < 10, watchOS < 3 - Remote Code Execution via Audio Memory Corruption
CVSS 9.8
CVE-2016-4700 HIGH
Apple OS X < 10.11.6 - Memory Corruption in AppleUUC
CVSS 7.8
CVE-2016-4699 HIGH
Apple OS X < 10.11.6 - Remote Code Execution in AppleUUC
CVSS 7.8
CVE-2016-4697 HIGH
Apple OS X < 10.11.6 - Memory Corruption via HSSPI Support
CVSS 7.8
CVE-2016-4658 CRITICAL
Apple Iphone OS < 10.0 - Memory Corruption
CVSS 9.8
CVE-2016-4611 HIGH
Safari < 10.0 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-5278 HIGH
Firefox < 49.0 - Remote Code Execution via Crafted Image Data in BMP Encoding
CVSS 8.8
CVE-2016-5275 HIGH
Firefox < 48.0.2 - Remote Code Execution via Empty Filter and CANVAS Interaction
CVSS 8.8
CVE-2016-5270 CRITICAL
Firefox < 49.0 - Heap-based Buffer Overflow in nsCaseTransformTextRunFactory
CVSS 9.8
CVE-2016-5257 CRITICAL
Firefox < 49.0 and Firefox ESR 45.x < 45.4 - Remote Code Execution or Denial of Service via Memory Corruption
CVSS 9.8
CVE-2016-5256 CRITICAL
Firefox < 48.0.2 - Memory Corruption and Remote Code Execution
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High