CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-0109 HIGH
Microsoft Edge and Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0108 HIGH
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0107 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0106 HIGH
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0105 HIGH
Microsoft Edge and Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0104 HIGH
Microsoft Internet Explorer 10 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0103 HIGH
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0102 HIGH
Microsoft Edge and Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-0021 HIGH
Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-1358 MEDIUM
Cisco Prime Infrastructure <3.1 - XXE
CVSS 6.4
CVE-2016-2842 CRITICAL
OpenSSL 1.0.1-1.0.1r and 1.0.2-1.0.2f - Denial of Service via Memory Allocation Failure in doapr_outch
CVSS 9.8
CVE-2016-0799 CRITICAL
OpenSSL 1.0.1-1.0.1r and 1.0.2-1.0.2f - Denial of Service via fmtstr Function
CVSS 9.8
CVE-2016-0216 CRITICAL
IBM Tivoli Storage Manager FastBack <6.1.11.1 - Buffer Overflow
CVSS 9.8
CVE-2016-0213 CRITICAL
IBM Tivoli Storage Manager FastBack <6.1.11.1 - Buffer Overflow
CVSS 9.8
CVE-2016-0212 CRITICAL
IBM Tivoli Storage Manager FastBack <6.1.11.1 - Buffer Overflow
CVSS 9.8
CVE-2016-2532 MEDIUM
Wireshark 1.12.x < 1.12.10 and 2.0.x < 2.0.2 - Denial of Service via LLRP Dissector Recursion
CVSS 5.9
CVE-2016-2531 MEDIUM
Wireshark 1.12.x < 1.12.10 and 2.0.x < 2.0.2 - Denial of Service via RSL Dissector Off-by-One Error
CVSS 5.9
CVE-2016-2530 MEDIUM
Wireshark 1.12.x < 1.12.10 and 2.0.x < 2.0.2 - Denial of Service via RSL Dissector TLV Type Handling
CVSS 5.9
CVE-2016-2529 MEDIUM
Wireshark 2.0.x < 2.0.2 - Denial of Service via iSeries File Parser
CVSS 5.5
CVE-2016-2522 MEDIUM
Wireshark 2.0.x < 2.0.2 - Denial of Service via ASN.1 BER Dissector
CVSS 5.9
CVE-2016-2037 MEDIUM
cpio 2.11 - Denial of Service via Crafted cpio File
CVSS 6.5
CVE-2016-1628 MEDIUM
Google Chrome < 48.0.2564.109 - Remote Code Execution via Crafted JPEG 2000 Image in PDF
CVSS 6.3
CVE-2016-0795 HIGH
LibreOffice <5.0.5 - Memory Corruption
CVSS 7.8
CVE-2016-0794 HIGH
LibreOffice <5.0.4 - Memory Corruption
CVSS 7.8
CVE-2016-0773 HIGH
PostgreSQL DoS via Large Unicode Character Range in Regular Expression
CVSS 7.5
Details
Vulnerabilities 14,008
Exploit Likelihood High