CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-1626 MEDIUM
Google Chrome < 48.0.2564.109 - Denial of Service via Crafted PDF Document
CVSS 4.3
CVE-2016-1624 HIGH
Brotli <48.0.2564.109 - Buffer Overflow
CVSS 8.8
CVE-2016-1526 HIGH
Mozilla Firefox <43.0 & ESR 38.x <38.6.1 - Info Disclosure
CVSS 8.1
CVE-2016-1522 HIGH
Mozilla Firefox <43.0 & ESR 38.x <38.6.1 - Heap-Based Buffer Overflow
CVSS 8.8
CVE-2016-1521 HIGH
Mozilla Firefox <43.0 & ESR 38.x <38.6.1 - Denial of Service
CVSS 8.8
CVE-2016-2073 MEDIUM
libxml2 < 2.9.4 - Denial of Service via Crafted XML Document in htmlParseNameComplex
CVSS 6.5
CVE-2016-2330 HIGH
FFmpeg < 2.8.6 - Denial of Service via Crafted TGA File
CVSS 8.8
CVE-2016-2329 HIGH
Opensuse Leap < 2.8.5 - Memory Corruption
CVSS 8.8
CVE-2016-2328 HIGH
FFmpeg < 2.8.6 - Denial of Service via Crafted .cine File
CVSS 8.8
CVE-2016-2327 HIGH
FFmpeg < 2.8.4 - Denial of Service via Crafted AVI File
CVSS 8.8
CVE-2016-1287 CRITICAL
Cisco Adaptive Security Appliance Software - Remote Code Execution via IKEv1/IKEv2 UDP Packet Buffer Overflow
CVSS 9.8
CVE-2016-0953 CRITICAL
Adobe Photoshop CC <15.2.4 & Bridge CC <6.2 - Memory Corruption
CVSS 9.8
CVE-2016-0952 CRITICAL
Adobe Photoshop CC <15.2.4 & Bridge CC <6.2 - Memory Corruption
CVSS 9.8
CVE-2016-0951 CRITICAL
Adobe Photoshop CC <15.2.4 & Bridge CC <6.2 - Memory Corruption
CVSS 9.8
CVE-2016-0084 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0072 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0071 HIGH
Microsoft Internet Explorer 9 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0067 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0064 HIGH
Microsoft Internet Explorer 10 - Remote Code Execution or Denial of Service via Memory Corruption
CVSS 8.8
CVE-2016-0063 HIGH
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0062 HIGH
Microsoft Edge and Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0061 HIGH
Microsoft Edge and Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0060 HIGH
Microsoft Internet Explorer 9-11 and Edge - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2016-0058 HIGH
Microsoft Windows PDF Library - Remote Code Execution via Crafted PDF Document
CVSS 7.8
CVE-2016-0056 HIGH
Microsoft Office and Word - Remote Code Execution via Crafted Office Document
CVSS 7.8
Details
Vulnerabilities 14,008
Exploit Likelihood High