CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-0830 MEDIUM
Android 6.x - Denial of Service via Bluetooth Configuration File Overflow
CVSS 6.5
CVE-2016-0816 CRITICAL
Android 6.x - Remote Code Execution or Denial of Service via Crafted Media File
CVSS 9.8
CVE-2016-1002 HIGH
Adobe Flash Player Remote Code Execution or DoS via Memory Corruption
CVSS 8.8
CVE-2016-0992 HIGH
Adobe Flash Player <18.0.0.333 & 19.x-21.x - Memory Corruption
CVSS 8.8
CVE-2016-0989 HIGH
Adobe Flash Player <18.0.0.333 & 19.x-21.x - Memory Corruption
CVSS 8.8
CVE-2016-0986 HIGH
Adobe Flash Player <18.0.0.333 & 19.x-21.x - Memory Corruption
CVSS 8.8
CVE-2016-0962 HIGH
Adobe Flash Player <18.0.0.333 & 19.x-21.x - Memory Corruption
CVSS 8.8
CVE-2016-0961 HIGH
Adobe Flash Player <18.0.0.333,19.x-21.x - Memory Corruption
CVSS 8.8
CVE-2016-0960 HIGH
Adobe Flash Player <18.0.0.333 & 19.x-21.x - Memory Corruption
CVSS 8.8
CVE-2016-1327 CRITICAL
Cisco DPC2203 and EPC2203 Cable Modem Firmware - Remote Code Execution via HTTP Request
CVSS 9.8
CVE-2016-1312 HIGH
Cisco ASA 5500 CSC-SSM Firmware < 6.6.1164.0 - Denial of Service via HTTPS Packet Flood
CVSS 7.5
CVE-2016-1009 CRITICAL
Adobe Acrobat and Reader < 11.0.15 - Remote Code Execution via Memory Corruption
CVSS 9.8
CVE-2016-1007 CRITICAL
Adobe Acrobat and Reader < 11.0.15 - Memory Corruption
CVSS 9.8
CVE-2016-0954 CRITICAL
Adobe Digital Editions <4.5.1 - Memory Corruption
CVSS 9.8
CVE-2016-0134 HIGH
Microsoft Office - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-0130 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0129 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0124 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0123 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0116 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0114 HIGH
Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0113 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0112 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0111 HIGH
Microsoft Internet Explorer 9-11 and Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0110 HIGH
Microsoft Internet Explorer 10-11 and Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
Details
Vulnerabilities 14,008
Exploit Likelihood High