CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,008 vulnerabilities with CWE-119
CVE-2016-1043
CRITICAL
Adobe Acrobat and Reader < 11.0.16 - Remote Code Execution
CVSS 9.8
CVE-2016-1037
CRITICAL
Adobe Acrobat and Reader < 11.0.16 - Remote Code Execution via Memory Corruption
CVSS 9.8
CVE-2016-0198
HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-0195
HIGH
Microsoft Windows - Remote Code Execution via Crafted Document in Imaging Component
CVSS 8.8
CVE-2016-0193
HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-0192
HIGH
Microsoft Browser <11 - Memory Corruption
CVSS 7.5
CVE-2016-0191
HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-0187
HIGH
Microsoft JScript and VBScript 5.8 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0186
HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 7.5
CVE-2016-0140
HIGH
Microsoft Office 2007 SP3/2010 SP2 & SharePoint/Office Web Apps 2010 SP2 - RCE via Crafted Document
CVSS 7.8
CVE-2016-0126
HIGH
Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-2439
HIGH
Android 4.x < 4.4.4, 5.0.x < 5.0.2, 5.1.x < 5.1.1, 6.x < 2016-05-01 - Buffer Overflow via Bluetooth PIN Value
CVSS 8.8
CVE-2016-2429
CRITICAL
Android mediaserver libFLAC < 2016-05-01 - Remote Code Execution via Crafted Media File
CVSS 9.8
CVE-2016-2428
CRITICAL
Android mediaserver - Remote Code Execution via Crafted Media File
CVSS 9.8
CVE-2016-2176
HIGH
OpenSSL < 1.0.1s - Buffer Over-Read via EBCDIC ASN.1 Data
CVSS 8.2
CVE-2016-2108
CRITICAL
Redhat Enterprise Linux Desktop < 1.0.1n - Memory Corruption
CVSS 9.8
CVE-2016-4418
MEDIUM
Wireshark 1.12.x < 1.12.10 and 2.x < 2.0.2 - Denial of Service via ASN.1 BER Dissector
CVSS 5.9
CVE-2016-4417
MEDIUM
Wireshark 1.12.x < 1.12.10 and 2.x < 2.0.2 - Denial of Service via GSM A-bis OML Dissector
CVSS 5.9
CVE-2016-4416
MEDIUM
Wireshark 2.x - Denial of Service via IEEE 802.11 Grouping Subfield
CVSS 5.9
CVE-2016-4415
MEDIUM
Wireshark 2.x < 2.0.2 - Denial of Service via Ixia IxVeriWave File Parser
CVSS 5.9
CVE-2016-2814
HIGH
Firefox < 45.0.2 - Remote Code Execution via Crafted CENC Offsets
CVSS 8.8
CVE-2016-2808
HIGH
Firefox < 45.0.2 - Remote Code Execution via JavaScript Watch Implementation
CVSS 7.5
CVE-2016-2807
HIGH
Firefox < 46.0 - Memory Corruption
CVSS 8.8
CVE-2016-2806
HIGH
Debian Linux < 45.0.2 - Memory Corruption
CVSS 8.8
CVE-2016-2805
HIGH
Firefox ESR 38.x - Remote Code Execution via Memory Corruption
CVSS 8.8
Details
Vulnerabilities
14,008
Exploit Likelihood
High