CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-4544 CRITICAL
PHP < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 - Denial of Service via TIFF Header Processing
CVSS 9.8
CVE-2016-4543 CRITICAL
HP System Management Homepage < 7.5.5.6 - Memory Corruption
CVSS 9.8
CVE-2016-4542 CRITICAL
PHP < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 - Denial of Service via EXIF Header Processing
CVSS 9.8
CVE-2016-4539 CRITICAL
PHP < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 - Denial of Service via xml_parse_into_struct
CVSS 9.8
CVE-2016-4342 HIGH
PHP <5.5.32, 5.6.x <5.6.18, 7.x <7.0.3 - DoS
CVSS 8.8
CVE-2016-1402 HIGH
Cisco Identity Services Engine < 1.2.0.899 patch 7 - Denial of Service via Crafted PAP Authentication Request
CVSS 7.5
CVE-2016-4441 MEDIUM
QEMU < 2.6.0 - Denial of Service via SCSI Controller DMA Length Check
CVSS 6.0
CVE-2016-4439 MEDIUM
QEMU 53C9X FSC - DoS/Arbitrary Code Execution
CVSS 6.7
CVE-2016-4073 CRITICAL
PHP <5.5.34, <5.6.20, <7.0.5 - Buffer Overflow
CVSS 9.8
CVE-2016-1859 HIGH
Apple iOS <9.3.2, Safari <9.1.1, tvOS <9.2.1 - Memory Corruption
CVSS 8.8
CVE-2016-1857 HIGH
Safari < 9.1.1 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-1856 HIGH
Safari < 9.1.1 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-1855 HIGH
Safari < 9.1.1 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-1854 HIGH
Safari < 9.1.1 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-1850 HIGH
Apple OS X <10.11.5 - Memory Corruption
CVSS 7.8
CVE-2016-1848 HIGH
Apple OS X <10.11.5 - Memory Corruption
CVSS 7.8
CVE-2016-1847 HIGH
Apple iOS <9.3.2, macOS <10.11.5, tvOS <9.2.1, watchOS <2.2.1 - Remote Code Execution via OpenGL Memory Corruption
CVSS 8.8
CVE-2016-1846 HIGH
NVIDIA Graphics Drivers <10.11.5 - RCE/DoS
CVSS 7.8
CVE-2016-1841 HIGH
Apple iOS <9.3.2, macOS <10.11.5, tvOS <9.2.1, watchOS <2.2.1 - Remote Code Execution via libxslt Memory Corruption
CVSS 8.8
CVE-2016-1840 HIGH
libxml2 <2.9.4 - Buffer Overflow
CVSS 7.8
CVE-2016-1835 HIGH
libxml2 <2.9.4 - Use After Free
CVSS 8.8
CVE-2016-1834 HIGH
libxml2 <2.9.4 - Buffer Overflow
CVSS 7.8
CVE-2016-1832 HIGH
Apple iOS <9.3.2, OS X <10.11.5, tvOS <9.2.1, watchOS <2.2.1 - Memo...
CVSS 7.8
CVE-2016-1831 HIGH
Apple iOS <9.3.2 & OS X <10.11.5 - RCE/DoS
CVSS 7.8
CVE-2016-1830 HIGH
Apple iOS <9.3.2, OS X <10.11.5, tvOS <9.2.1, watchOS <2.2.1 - RCE/DoS
CVSS 7.8
Details
Vulnerabilities 14,008
Exploit Likelihood High