CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,008 vulnerabilities with CWE-119
CVE-2016-2497
HIGH
Android 4.x-5.1.x and 6.x before 2016-08-01 - Intent-Filter Priority Manipulation
CVSS 7.3
CVE-2016-5252
HIGH
Oracle Linux < 47.0.1 - Memory Corruption
CVSS 8.8
CVE-2016-2838
HIGH
Firefox < 48.0 - Remote Code Execution via SVG Directional Content
CVSS 8.8
CVE-2016-2837
MEDIUM
Firefox < 48.0 - Remote Code Execution via ClearKey CDM Heap Overflow
CVSS 6.3
CVE-2016-2836
HIGH
Firefox < 48.0 - Remote Code Execution via Browser Engine Memory Corruption
CVSS 8.8
CVE-2016-6297
HIGH
PHP < 5.5.37 - Denial of Service via Integer Overflow in php_stream_zip_opener
CVSS 8.8
CVE-2016-6296
CRITICAL
PHP < 5.5.37 - Heap-Based Buffer Overflow via xmlrpc_encode_request
CVSS 9.8
CVE-2016-6293
CRITICAL
International Components for Unicode < 57.1 - Out-of-Bounds Read via uloc_acceptLanguageFromHTTP
CVSS 9.8
CVE-2016-6291
CRITICAL
PHP <5.5.38, <5.6.24, <7.0.9 - DoS/Info Disclosure
CVSS 9.8
CVE-2016-6288
CRITICAL
PHP < 5.5.37 - Buffer Over-read via php_url_parse_ex Function
CVSS 9.8
CVE-2016-5129
HIGH
Google Chrome < 52.0.2743.82 - Memory Corruption via Left-Trimmed Objects
CVSS 8.8
CVE-2016-1709
HIGH
Google sfntly <2016-06-10 - Buffer Overflow
CVSS 8.8
CVE-2016-4653
HIGH
Apple iOS <9.3.3, macOS <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Local Privilege Escalation via Memory Corruption
CVSS 7.8
CVE-2016-4647
HIGH
macOS < 10.11.6 - Privilege Escalation and Denial of Service via Crafted Audio File
CVSS 7.8
CVE-2016-4640
HIGH
macOS < 10.11.6 - Remote Code Execution and Information Disclosure via Crafted App
CVSS 7.8
CVE-2016-4637
HIGH
Apple iOS <9.3.3, macOS <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Remote Code Execution via Crafted BMP Image
CVSS 8.8
CVE-2016-4634
HIGH
Apple OS X < 10.11.6 - Memory Corruption in Graphics Drivers
CVSS 7.8
CVE-2016-4632
HIGH
Apple iOS <9.3.3, macOS <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Denial of Service via ImageIO Memory Consumption
CVSS 7.5
CVE-2016-4631
HIGH
Apple iOS < 9.3.3, macOS < 10.11.6, tvOS < 9.2.2, watchOS < 2.2.2 - Remote Code Execution via Crafted TIFF File
CVSS 8.8
CVE-2016-4630
HIGH
macOS < 10.11.6 - Remote Code Execution via Crafted EXR Image with B44 Compression
CVSS 8.8
CVE-2016-4629
CRITICAL
macOS < 10.11.6 - Remote Code Execution via Crafted EXR Image
CVSS 9.8
CVE-2016-4624
HIGH
Safari < 9.1.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4623
HIGH
Safari < 9.1.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4622
HIGH
Safari < 9.1.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4621
HIGH
macOS < 10.11.6 - Remote Code Execution via Memory Corruption in libc++abi
CVSS 7.8
Details
Vulnerabilities
14,008
Exploit Likelihood
High