CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-4256 CRITICAL
Adobe Digital Editions <4.5.2 - Memory Corruption
CVSS 9.8
CVE-2016-3381 HIGH
Microsoft Excel Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3377 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-3375 HIGH
Internet Explorer 9-11 - Remote Code Execution via OLE Automation and VBScript
CVSS 7.5
CVE-2016-3369 HIGH
Windows 10 Gold and 1511 - Denial of Service
CVSS 7.5
CVE-2016-3368 HIGH
Windows Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8.1, RT 8.1, 10, Server 2012/R2 - Authenticated Remote Code Execution
CVSS 8.8
CVE-2016-3367 HIGH
Microsoft Silverlight 5 - Remote Code Execution via StringBuilder Memory Corruption
CVSS 8.8
CVE-2016-3365 HIGH
Microsoft Excel - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3364 HIGH
Microsoft Visio 2016 - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3363 HIGH
Microsoft Excel Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3362 HIGH
Microsoft Excel - Memory Corruption
CVSS 7.8
CVE-2016-3361 HIGH
Microsoft Excel 2010 SP2 - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3360 HIGH
Microsoft Office Compatibility Pack - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3359 HIGH
Microsoft Excel 2007 SP3/2010 SP2/Compatibility Pack SP3/Viewer RCE via Crafted Document
CVSS 7.8
CVE-2016-3358 HIGH
Microsoft Excel - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3357 HIGH
Microsoft Office 2007 SP3-2016, Word for Mac, SharePoint, Office Web Apps - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3356 HIGH
Windows 10 1607 - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2016-3350 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-3330 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3295 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3294 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-7134 CRITICAL
PHP 7.x - Denial of Service via Long String in curl_escape
CVSS 9.8
CVE-2016-3881 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - DoS
CVSS 5.5
CVE-2016-3872 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01, <2016-09-01 - Privileg...
CVSS 7.8
CVE-2016-3862 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - Memory Corruption
CVSS 7.8
Details
Vulnerabilities 14,008
Exploit Likelihood High