CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-2804 HIGH
Firefox < 45.0.2 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-3134 HIGH
SUSE Linux Enterprise - Heap Memory Corruption via netfilter IPT_SO_SET_REPLACE
CVSS 8.4
CVE-2016-4054 HIGH
Squid <3.5.17, <4.0.9 - Remote Code Execution
CVSS 8.1
CVE-2016-4053 LOW
Squid <3.5.17-4.0.9 - Info Disclosure
CVSS 3.7
CVE-2016-4052 HIGH
Squid <3.5.17, <4.0.9 - Buffer Overflow
CVSS 8.1
CVE-2016-4051 HIGH
Squid <3.5.17, <4.0.9 - Buffer Overflow
CVSS 8.8
CVE-2016-4082 MEDIUM
Wireshark 1.12.x < 1.12.11 and 2.0.x < 2.0.3 - Denial of Service via GSM CBCH Dissector Array Indexing
CVSS 5.9
CVE-2016-4080 MEDIUM
Wireshark 1.12.x < 1.12.11 and 2.0.x < 2.0.3 - Denial of Service via PKTC Dissector Timestamp Parsing
CVSS 5.9
CVE-2016-4079 MEDIUM
Wireshark <1.12.11-2.0.3 - DoS
CVSS 5.9
CVE-2016-4006 MEDIUM
Wireshark 1.12.x < 1.12.11 and 2.0.x < 2.0.3 - Denial of Service via Protocol-Tree Depth Exhaustion
CVSS 5.9
CVE-2016-4065 HIGH
Foxit Reader & PhantomPDF <7.3.4 - DoS
CVSS 7.8
CVE-2016-3977 MEDIUM
giflib 5.1.2 - Buffer Overflow
CVSS 5.5
CVE-2016-3190 HIGH
Opensuse < 1.12.16 - Memory Corruption
CVSS 7.5
CVE-2016-2280 HIGH
Honeywell Uniformance Process History Database R310 R320 R321 - Buffer Overflow
CVSS 7.5
CVE-2016-3628 HIGH
TIBCO EMS <8.3.0-2.4.0 - Buffer Overflow
CVSS 8.8
CVE-2016-3186 MEDIUM
Opensuse - Memory Corruption
CVSS 6.2
CVE-2016-3941 MEDIUM
VLC media player <2.2.0 - Buffer Overflow
CVSS 5.5
CVE-2016-1653 HIGH
Google V8 <50.0.2661.75 - DoS
CVSS 8.8
CVE-2016-2418 CRITICAL
Android 6.x - Information Disclosure via Uninitialized Metadata Buffer Pointers
CVSS 9.8
CVE-2016-1503 CRITICAL
dhcpcd < 6.10.0 - Remote Code Execution via Malformed DHCP Response
CVSS 9.8
CVE-2016-0842 HIGH
Android 6.x - Remote Code Execution via H.264 MMCO Data
CVSS 8.4
CVE-2016-0841 CRITICAL
Android <4.4.4, <5.0.2, <5.1.1, <2016-04-01 - Memory Corruption
CVSS 9.8
CVE-2016-0840 HIGH
Android 6.x - Remote Code Execution via Crafted Media File
CVSS 8.4
CVE-2016-0839 CRITICAL
Android 6.x - Remote Code Execution via Crafted Media File
CVSS 9.8
CVE-2016-0838 CRITICAL
Android <4.4.4, <5.0.2, <5.1.1, <2016-04-01 - Memory Corruption
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High