CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-1645 HIGH
Google Chrome < 49.0.2623.87 - Out-of-Bounds Write via JPEG 2000 Data
CVSS 8.8
CVE-2016-0771 MEDIUM
Samba 4.x < 4.1.23, 4.2.x < 4.2.9, 4.3.x < 4.3.6, 4.4.x < 4.4.0rc4 - Authenticated Denial of Service via DNS TXT Record
CVSS 5.9
CVE-2016-2802 HIGH
Firefox < 44.0.2 - Buffer Over-read via Graphite Smart Font
CVSS 8.8
CVE-2016-2801 HIGH
Opensuse Leap < 1.3.5 - Memory Corruption
CVSS 8.8
CVE-2016-2800 HIGH
Firefox < 44.0.2 - Buffer Over-read via Graphite Smart Font
CVSS 8.8
CVE-2016-2799 HIGH
Oracle Linux < 44.0.2 - Memory Corruption
CVSS 8.8
CVE-2016-2798 HIGH
Firefox < 45.0 - Buffer Over-Read via Graphite Smart Font
CVSS 8.8
CVE-2016-2797 HIGH
Oracle Linux < 44.0.2 - Memory Corruption
CVSS 8.8
CVE-2016-2796 HIGH
Graphite2 < 1.3.6 - Heap-Based Buffer Overflow via Crafted Graphite Smart Font
CVSS 8.8
CVE-2016-2794 HIGH
Firefox < 44.0.2 - Buffer Over-Read via Graphite Smart Font
CVSS 8.8
CVE-2016-2793 HIGH
Oracle Linux < 44.0.2 - Memory Corruption
CVSS 8.8
CVE-2016-2792 HIGH
Graphite2 < 1.3.6 - Buffer Over-Read via Crafted Graphite Smart Font
CVSS 8.8
CVE-2016-2791 HIGH
Opensuse Leap < 44.0.2 - Memory Corruption
CVSS 8.8
CVE-2016-1977 HIGH
Graphite <1.3.6 - Memory Corruption
CVSS 8.8
CVE-2016-1974 HIGH
Firefox < 44.0.2 - Remote Code Execution via Unicode Data in HTML/XML/SVG
CVSS 8.8
CVE-2016-1971 HIGH
Mozilla Firefox <45.0 - Memory Corruption
CVSS 8.8
CVE-2016-1970 HIGH
Mozilla Firefox <45.0 - Memory Corruption
CVSS 8.8
CVE-2016-1969 HIGH
Graphite2 < 1.3.6 - Memory Corruption via Crafted Smart Font
CVSS 8.8
CVE-2016-1963 HIGH
Mozilla Firefox <45.0 - Memory Corruption
CVSS 7.4
CVE-2016-1959 HIGH
Firefox < 44.0.2 - Remote Code Execution via ServiceWorkerManager Clients API
CVSS 8.8
CVE-2016-1957 MEDIUM
Mozilla Firefox <45.0, Firefox ESR <38.7 - Memory Consumption
CVSS 4.3
CVE-2016-1953 HIGH
Mozilla Firefox <45.0 - Memory Corruption
CVSS 8.8
CVE-2016-1952 HIGH
Mozilla Firefox <45.0 - Firefox ESR <38.7 - DoS/Code Injection
CVSS 8.8
CVE-2016-1950 HIGH
Mozilla Network Security Services < 3.19.2.3, 3.20.x-3.21.x < 3.21.1 - Remote Code Execution
CVSS 8.8
CVE-2016-1621 CRITICAL
Android <4.4.4, <5.1.1 LMY49H, <6.0 - Memory Corruption
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High