CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-1829 HIGH
Apple iOS <9.3.2 - Privilege Escalation
CVSS 7.8
CVE-2016-1828 HIGH
Apple iOS <9.3.2, OS X <10.11.5, tvOS <9.2.1, watchOS <2.2.1 - RCE/DoS
CVSS 7.8
CVE-2016-1827 HIGH
Apple iOS <9.3.2 - Privilege Escalation
CVSS 7.8
CVE-2016-1825 HIGH
macOS < 10.11.5 - Memory Corruption in IOHIDFamily
CVSS 7.8
CVE-2016-1824 HIGH
Apple iOS <9.3.2 - Privilege Escalation
CVSS 7.8
CVE-2016-1822 HIGH
macOS < 10.11.5 - Remote Code Execution via IOFireWireFamily Memory Corruption
CVSS 7.8
CVE-2016-1820 HIGH
Apple macOS X < 10.11.5 - Buffer Overflow in IOAudioFamily
CVSS 7.8
CVE-2016-1818 HIGH
Apple iOS <9.3.2 - Privilege Escalation
CVSS 7.8
CVE-2016-1817 HIGH
Apple iOS <9.3.2 - Privilege Escalation
CVSS 7.8
CVE-2016-1815 HIGH
Apple macOS X < 10.11.5 - Remote Code Execution via IOAcceleratorFamily Memory Corruption
CVSS 7.8
CVE-2016-1812 HIGH
Intel Graphics Driver <10.11.5 - RCE
CVSS 7.8
CVE-2016-1810 HIGH
macOS < 10.11.5 - Remote Code Execution in Graphics Drivers
CVSS 7.8
CVE-2016-1808 HIGH
Apple iOS <9.3.2, OS X <10.11.5, tvOS <9.2.1, watchOS <2.2.1 - RCE/DoS
CVSS 7.8
CVE-2016-1804 HIGH
Apple OS X < 10.11.5 - Remote Code Execution in Multi-Touch Subsystem
CVSS 7.8
CVE-2016-1799 HIGH
macOS < 10.11.5 - Remote Code Execution via Crafted Audio App
CVSS 7.8
CVE-2016-1795 HIGH
Apple OS X < 10.11.5 - Remote Code Execution in AppleGraphicsPowerManagement
CVSS 7.8
CVE-2016-1792 HIGH
Apple OS X <10.11.5 - Privilege Escalation/DoS
CVSS 7.8
CVE-2016-1790 LOW
iPhone OS < 9.3.1 - Kernel Memory Layout Information Disclosure via Accessibility Component Buffer Overflow
CVSS 3.3
CVE-2016-2554 CRITICAL
PHP < 5.5.32, 5.6.x < 5.6.18, 7.x < 7.0.3 - Stack-Based Buffer Overflow in TAR Archive Handling
CVSS 9.8
CVE-2016-1669 HIGH
Google V8 <5.0.71.47 - Buffer Overflow
CVSS 8.8
CVE-2016-4024 CRITICAL
imlib2 < 1.4.9 - Remote Code Execution via Large Image Dimensions
CVSS 9.8
CVE-2016-3994 HIGH
imlib2 <1.4.9 - DoS/Info Disclosure
CVSS 8.2
CVE-2016-3993 HIGH
imlib2 < 1.4.9 - Denial of Service via Off-by-One Error in __imlib_MergeUpdate
CVSS 7.5
CVE-2016-2196 CRITICAL
Botan 1.11.x - Heap-based Buffer Overflow in P-521 Reduction Function
CVSS 9.8
CVE-2016-2195 CRITICAL
Botan < 1.10.11 and 1.11.x < 1.11.27 - Heap-Based Buffer Overflow via Crafted ECC Point
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High