CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-1691 HIGH
Skia <51.0.2704.63 - DoS
CVSS 7.5
CVE-2016-1689 MEDIUM
Google Chrome <51.0.2704.63 - Buffer Overflow
CVSS 6.5
CVE-2016-1688 MEDIUM
Google V8 <5.0.71.40 - DoS
CVSS 6.5
CVE-2016-1686 MEDIUM
Google Chrome < 50.0.2661.102 - Denial of Service via PDF Decoder Initialization Failure
CVSS 6.5
CVE-2016-1685 MEDIUM
Google Chrome < 51.0.2704.63 - Denial of Service via PDFium Index Miscalculations
CVSS 6.5
CVE-2016-1683 HIGH
libxslt < 1.1.29 - Heap-Based Buffer Overflow via Namespace Node Handling
CVSS 7.5
CVE-2016-1681 HIGH
OpenJPEG - Buffer Overflow
CVSS 8.8
CVE-2016-1680 HIGH
Skia <51.0.2704.63 - Use After Free
CVSS 8.8
CVE-2016-1678 HIGH
Google V8 < 5.0.71 - Heap-Based Buffer Overflow via Lazy Deoptimization
CVSS 8.8
CVE-2016-4564 CRITICAL
ImageMagick < 6.9.3-0 - Buffer Overflow in DrawImage Function
CVSS 9.8
CVE-2016-4563 HIGH
ImageMagick < 6.9.3-0 - Buffer Overflow in TraceStrokePolygon
CVSS 8.8
CVE-2016-4562 HIGH
ImageMagick < 6.9.4-0 and 7.x < 7.0.1-2 - Buffer Overflow in DrawDashPolygon
CVSS 8.8
CVE-2016-4804 MEDIUM
dosfstools < 4.0 - Denial of Service via Crafted Filesystem
CVSS 6.2
CVE-2016-4454 MEDIUM
QEMU < 2.6.0 - Denial of Service via vmsvga_fifo_read_raw Out-of-Bounds Read
CVSS 6.0
CVE-2016-3075 HIGH
Opensuse < 2.23 - Memory Corruption
CVSS 7.5
CVE-2016-1234 HIGH
GNU C Library <2.24 - Buffer Overflow
CVSS 7.5
CVE-2016-3681 HIGH
Huawei Mate 8 NXT-AL <NXT-AL10C00B182 - Buffer Overflow
CVSS 7.8
CVE-2016-3680 HIGH
Huawei Mate 8 NXT-AL <NXT-AL10C00B182 - Buffer Overflow
CVSS 7.8
CVE-2016-0718 CRITICAL
Expat - Buffer Overflow
CVSS 9.8
CVE-2016-1385 MEDIUM
Cisco Adaptive Security Appliance Software - Denial of Service via XML Parser
CVSS 6.5
CVE-2016-1886 HIGH
FreeBSD <9.3 p42, 10.1 p34, 10.2 p17, 10.3 p3 - Memory Corruption via SETFKEY ioctl
CVSS 7.8
CVE-2016-0264 MEDIUM
IBM SDK, Java Technology Edition <6.0.16.25-8.0.3.0 - Remote Code Execution
CVSS 5.6
CVE-2016-4577 HIGH
Huawei USG9500 NGFW Module Secospace USG6300 USG6500 USG6600 - Buffer Overflow via Smart DNS Crafted Packet
CVSS 7.5
CVE-2016-4576 CRITICAL
Huawei IPS/NGFW/NIP6300/NIP6600/USG6300/USG6500/USG6600/USG9500/AntiDDoS8000 Buffer Overflow via ASPF Packet
CVSS 9.8
CVE-2016-4568 HIGH
Linux Kernel 4.4-4.4.8 - Memory Corruption via VIDIOC_DQBUF Ioctl
CVSS 7.8
Details
Vulnerabilities 14,008
Exploit Likelihood High