CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-3861 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - RCE
CVSS 7.8
CVE-2016-3858 HIGH
Android <2016-09-05 - Privilege Escalation
CVSS 7.8
CVE-2016-5157 HIGH
Opensuse Leap < 52.0.2743.116 - Memory Corruption
CVSS 8.8
CVE-2016-5154 HIGH
Google Chrome < 53.0.2785.89 - Heap-Based Buffer Overflow in PDFium via JBig2 Image
CVSS 8.8
CVE-2016-7179 MEDIUM
Debian Linux - Memory Corruption
CVSS 5.9
CVE-2016-7177 MEDIUM
Debian Linux - Memory Corruption
CVSS 5.9
CVE-2016-7176 MEDIUM
Wireshark 2.x < 2.0.6 - Denial of Service via H.225 Dissector Buffer Overlap
CVSS 5.9
CVE-2016-0385 LOW
IBM WebSphere Application Server <9.0.0.1 - Buffer Overflow
CVSS 3.1
CVE-2016-5680 HIGH
NUUO NVRmini <3.0.0 - Buffer Overflow
CVSS 8.8
CVE-2016-7115 CRITICAL
mac-telnet < 0.4.3 - Remote Code Execution via MT_CPTYPE_PASSSALT Control Packet
CVSS 9.8
CVE-2016-4270 CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4269 CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4268 CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4267 CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4266 CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4265 CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4119 CRITICAL
Adobe Reader and Acrobat <11.0.16, DC Classic <15.006.30172, DC Con...
CVSS 9.8
CVE-2016-5681 CRITICAL
D-Link DIR-868L/822/880L/850L/895L/817LW/818LW/890L/823/885L - Stack-based Buffer Overflow via Session Cookie
CVSS 9.8
CVE-2016-6909 CRITICAL
FortiOS 4.1.0-4.1.10, 4.2.0-4.2.12, 4.3.0-4.3.8 & FortiSwitch <3.4.2 - RCE via Cookie Parser Buffer Overflow
CVSS 9.8
CVE-2016-6363 MEDIUM
Cisco Aironet <8.2.121.0-8.3.102.0 - DoS
CVSS 6.5
CVE-2016-6254 CRITICAL
collectd <5.4.3, <5.5.2 - Buffer Overflow
CVSS 9.1
CVE-2016-4654 HIGH
iPhone OS - Remote Code Execution via IOMobileFrameBuffer Memory Corruption
CVSS 7.8
CVE-2016-6207 MEDIUM
libgd < 2.2.3 - Denial of Service via Integer Overflow in _gdContributionsAlloc
CVSS 6.5
CVE-2016-5408 CRITICAL
Oracle Linux - Memory Corruption
CVSS 9.8
CVE-2016-3322 HIGH
Microsoft Edge and Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
Details
Vulnerabilities 14,008
Exploit Likelihood High