CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-3282 HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-3281 HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-3280 HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-3278 HIGH
Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-3269 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 8.8
CVE-2016-3265 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 8.8
CVE-2016-3264 HIGH
Microsoft Edge and Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3260 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 8.8
CVE-2016-3259 HIGH
Microsoft Edge and Internet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 8.8
CVE-2016-3248 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 8.8
CVE-2016-3246 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3243 HIGH
Microsoft Internet Explorer 10 and 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3242 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3241 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3240 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-3204 HIGH
Internet Explorer 9-11 - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 8.8
CVE-2016-5781 HIGH
WECON LeviStudio - Stack-based Buffer Overflow via Crafted File
CVSS 7.8
CVE-2016-5308 MEDIUM
Symantec Client Intrusion Detection System < 15.1.2 - Denial of Service via Malformed PE File
CVSS 5.5
CVE-2016-4533 HIGH
WECON LeviStudio - Remote Code Execution via Crafted File
CVSS 7.8
CVE-2016-3758 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Buffer Overflow
CVSS 7.8
CVE-2016-3745 CRITICAL
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Buffer Overflow
CVSS 9.8
CVE-2016-3744 HIGH
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Buffer Overflow
CVSS 7.5
CVE-2016-2508 HIGH
Android 4.x-5.1.x and 6.x before 2016-07-01 - Remote Code Execution via Crafted Media File
CVSS 7.8
CVE-2016-2507 HIGH
Android < 2016-07-01 - Remote Code Execution via Crafted Media File
CVSS 7.8
CVE-2016-2506 CRITICAL
Android 4.x-5.1.x and 6.x before 2016-07-01 - Remote Code Execution via Crafted Media File in DRMExtractor
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High