CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-4478 HIGH
Opensuse Leap < 7.2.6 - Memory Corruption
CVSS 7.5
CVE-2016-4356 HIGH
Libksba < 1.3.3 - Denial of Service via Out-of-Bounds Read in DN Decoder
CVSS 7.5
CVE-2016-4355 HIGH
Libksba < 1.3.3 - Denial of Service via Crafted BER Data
CVSS 7.5
CVE-2016-4354 HIGH
Libksba <1.3.3 - DoS
CVSS 7.5
CVE-2016-5234 HIGH
Huawei VP9660 VP9650 VP9630 and RSE6500 < V500R002C00SPC200 - Remote Code Execution via Crafted Packet
CVSS 8.1
CVE-2016-2824 HIGH
Firefox < 47.0 and Firefox ESR < 45.2 - Out-of-Bounds Write via WebGL Shader Array Access
CVSS 8.8
CVE-2016-2819 HIGH
Opensuse Leap < 46.0.1 - Memory Corruption
CVSS 8.8
CVE-2016-2818 HIGH
Firefox < 47.0 and Firefox ESR 45.x < 45.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-2815 HIGH
Firefox < 47.0 - Remote Code Execution via Browser Engine Memory Corruption
CVSS 8.8
CVE-2016-2485 HIGH
Android < 4.4.4/5.0.2/5.1.1/2016-06-01 - Privilege Escalation via OMX Buffer Size Validation Bypass
CVSS 7.8
CVE-2016-2484 HIGH
Android < 4.4.4/5.0.2/5.1.1/2016-06-01 - Memory Corruption in libstagefright GSM/G711 Codec
CVSS 7.8
CVE-2016-2483 HIGH
Android mm-video-v4l2 venc - Privilege Escalation via Buffer Count Mishandling
CVSS 7.8
CVE-2016-2482 HIGH
Android mm-video-v4l2 vdec - Privilege Escalation via Buffer Count Mishandling
CVSS 7.8
CVE-2016-2481 HIGH
Android < 4.4.4, 5.0.x < 5.0.2, 5.1.x < 5.1.1, 6.x < 2016-06-01 - Privilege Escalation via mm-video-v4l2
CVSS 7.8
CVE-2016-2479 HIGH
Android < 2016-06-01 - Privilege Escalation via mm-video-v4l2 vdec Buffer Mishandling
CVSS 7.8
CVE-2016-2476 HIGH
Android mediaserver - Memory Corruption via OMX Buffer Size Mismatch
CVSS 7.8
CVE-2016-2463 HIGH
Android < 2016-06-01 - Remote Code Execution via Crafted Media File in h264dec
CVSS 8.4
CVE-2016-1421 HIGH
Cisco IP Phone 8800 Series RCE/DoS via Crafted HTTP Request
CVSS 7.5
CVE-2016-4447 HIGH
HP Icewall Federation Agent < 9.3.2 - Memory Corruption
CVSS 7.5
CVE-2016-0749 CRITICAL
SPICE - DoS/Buffer Overflow
CVSS 9.8
CVE-2016-5108 CRITICAL
Debian Linux < 2.2.3 - Memory Corruption
CVSS 9.8
CVE-2016-4359 CRITICAL
HPE LoadRunner <12.50 - Buffer Overflow
CVSS 9.8
CVE-2016-1405 HIGH
ClamAV - Denial of Service via Crafted Document
CVSS 7.5
CVE-2016-2335 HIGH
Opensuse - Memory Corruption
CVSS 8.8
CVE-2016-1702 MEDIUM
Skia <51.0.2704.79 - DoS
CVSS 6.5
Details
Vulnerabilities 14,008
Exploit Likelihood High