CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,008 vulnerabilities with CWE-119
CVE-2016-4616
CRITICAL
Apple iPhone OS < 9.3.3 - Memory Corruption in libxml2
CVSS 9.8
CVE-2016-4615
CRITICAL
Apple iOS < 9.3.3, macOS < 10.11.6, tvOS < 9.2.2, watchOS < 2.2.2, iCloud < 5.2.1, iTunes < 12.4.2 - Memory Corruption
CVSS 9.8
CVE-2016-4610
CRITICAL
Xmlsoft Libxslt < 1.1.29 - Memory Corruption
CVSS 9.8
CVE-2016-4609
CRITICAL
Xmlsoft Libxslt < 1.1.29 - Memory Corruption
CVSS 9.8
CVE-2016-4608
CRITICAL
Xmlsoft Libxslt < 1.1.28 - Memory Corruption
CVSS 9.8
CVE-2016-4607
CRITICAL
Xmlsoft Libxslt < 1.1.29 - Memory Corruption
CVSS 9.8
CVE-2016-4602
HIGH
macOS < 10.11.6 - Remote Code Execution via Crafted FlashPix Bitmap Image
CVSS 8.8
CVE-2016-4601
HIGH
macOS < 10.11.6 - Remote Code Execution via Crafted SGI Image
CVSS 8.8
CVE-2016-4600
HIGH
macOS < 10.11.6 - Remote Code Execution via Crafted FlashPix Bitmap Image
CVSS 8.8
CVE-2016-4599
HIGH
macOS < 10.11.6 - Remote Code Execution via Crafted Photoshop Document
CVSS 7.8
CVE-2016-4598
CRITICAL
macOS < 10.11.6 - Remote Code Execution via Crafted Image in QuickTime
CVSS 9.8
CVE-2016-4597
HIGH
macOS < 10.11.6 - Remote Code Execution via Crafted FlashPix Bitmap Image
CVSS 8.8
CVE-2016-4596
HIGH
macOS < 10.11.6 - Remote Code Execution via Crafted FlashPix Bitmap Image
CVSS 8.8
CVE-2016-4589
HIGH
WebKit - Remote Code Execution or Denial of Service via Memory Corruption
CVSS 8.8
CVE-2016-4588
HIGH
WebKit - Remote Code Execution or Denial of Service via Memory Corruption
CVSS 8.8
CVE-2016-4587
MEDIUM
WebKit - Information Disclosure via Uninitialized Memory
CVSS 6.5
CVE-2016-4586
HIGH
Apple Safari < 9.1.2 and tvOS < 9.2.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-4584
HIGH
Safari < 9.1.2 - Remote Code Execution via WebKit Page Loading
CVSS 8.8
CVE-2016-4582
HIGH
Apple iOS <9.3.3, macOS <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Local Privilege Escalation via Memory Corruption
CVSS 7.8
CVE-2016-5637
HIGH
libbpg 0.9.5-0.9.7 - Remote Code Execution via Crafted BPG Image
CVSS 8.8
CVE-2016-4254
CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4252
CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4251
CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4250
CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
CVE-2016-4214
CRITICAL
Adobe Reader and Acrobat <11.0.17, DC Classic <15.006.30198, DC Con...
CVSS 9.8
Details
Vulnerabilities
14,008
Exploit Likelihood
High