CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,008 vulnerabilities with CWE-119
CVE-2016-3318
HIGH
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 - Remote Code Execution via Crafted File
CVSS 7.8
CVE-2016-3317
HIGH
Microsoft Office/Word Remote Code Execution via Crafted File
CVSS 7.8
CVE-2016-3316
HIGH
Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac - Remote Code Execution via Crafted File
CVSS 7.8
CVE-2016-3313
HIGH
Microsoft Office 2007-2016 & Word Viewer RCE via Crafted File
CVSS 7.8
CVE-2016-3296
HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine
CVSS 7.5
CVE-2016-3293
HIGH
Microsoft Edge and Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3290
HIGH
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3289
HIGH
Microsoft Edge and Internet Explorer 11 - Remote Code Execution via Crafted Web Page
CVSS 7.5
CVE-2016-3288
HIGH
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-2063
HIGH
Linux Kernel 3.0-3.19.8 - Stack-Based Buffer Overflow in MSM Thermal Driver via Debugfs Interface
CVSS 7.8
CVE-2016-5140
CRITICAL
Google Chrome < 52.0.2743.82 - Heap-Based Buffer Overflow in OpenJPEG J2K Parser
CVSS 9.8
CVE-2016-5139
HIGH
Google Chrome < 52.0.2743.116 - Heap-Based Buffer Overflow via Crafted JPEG 2000 Data
CVSS 7.6
CVE-2016-5359
MEDIUM
Wireshark 1.12.x < 1.12.12 - Denial of Service via WBXML Dissector Offset Mishandling
CVSS 5.9
CVE-2016-5356
MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in CoSine File Parser
CVSS 5.9
CVE-2016-5116
CRITICAL
libgd < 2.2.0 - Stack-Based Buffer Under-Read in gd_xbm.c
CVSS 9.1
CVE-2016-5114
CRITICAL
PHP < 5.5.31, 5.6.x < 5.6.17, 7.x < 7.0.2 - Denial of Service via Long String in fpm_log.c
CVSS 9.1
CVE-2016-6516
HIGH
Linux Kernel <4.7 - Privilege Escalation
CVSS 7.4
CVE-2016-6187
HIGH
Linux kernel <4.6.5 - Privilege Escalation
CVSS 7.8
CVE-2016-5400
MEDIUM
Linux Kernel < 4.6.6 - Denial of Service via Airspy USB Driver Memory Leak
CVSS 4.3
CVE-2016-3825
HIGH
Android <5.0.2, <5.1.1, <2016-08-01 - Privilege Escalation
CVSS 7.8
CVE-2016-3824
HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-08-01 - Privilege Escalation
CVSS 7.8
CVE-2016-3823
HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-08-01 - Privilege Escalation
CVSS 7.8
CVE-2016-3822
HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-08-01 - RCE
CVSS 7.8
CVE-2016-3820
CRITICAL
Android 6.x - Remote Code Execution via Crafted Media File in ih264d Decoder
CVSS 9.8
CVE-2016-3819
CRITICAL
Android <4.4.4, <5.0.2, <5.1.1, <2016-08-01 - RCE/DoS
CVSS 9.8
Details
Vulnerabilities
14,008
Exploit Likelihood
High