CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-1930 CRITICAL
Mozilla Firefox <44.0 - Firefox ESR <38.6 - DoS
CVSS 9.8
CVE-2016-0868 CRITICAL
Rockwell Automation Allen-Bradley MicroLogix - Buffer Overflow
CVSS 9.8
CVE-2016-1924 MEDIUM
OpenJPEG < 2.1.0 - Denial of Service via Crafted JPEG 2000 Image
CVSS 6.5
CVE-2016-1923 MEDIUM
OpenJpeg 2016.1.18 - Buffer Overflow
CVSS 6.5
CVE-2016-0869 MEDIUM
MICROSYS PROMOTIC <8.3.11 - Buffer Overflow
CVSS 5.0
CVE-2016-1619 HIGH
Google Chrome < 47.0.2526.106 - Out-of-Bounds Read in PDFium sycc422_to_rgb and sycc444_to_rgb Functions
CVSS 7.6
CVE-2016-1928 CRITICAL
SAP HANA - Buffer Overflow in XS Engine via JSON HTTP Request
CVSS 9.8
CVE-2016-1901 CRITICAL
CGit <0.12 - Buffer Overflow
CVSS 9.8
CVE-2016-1867 MEDIUM
JasPer 1.900.1 - Denial of Service via Crafted JPEG 2000 Image
CVSS 6.5
CVE-2016-1907 MEDIUM
OpenSSH - Denial of Service via Crafted Network Traffic
CVSS 5.3
CVE-2016-1903 CRITICAL
PHP <5.5.31, <5.6.17, <7.0.2 - Info Disclosure/DoS
CVSS 9.1
CVE-2016-0860 HIGH
Advantech WebAccess <8.1 - Buffer Overflow
CVSS 7.5
CVE-2016-0858 HIGH
Advantech WebAccess < 8.0 - Remote Code Execution via Race Condition
CVSS 8.1
CVE-2016-0857 CRITICAL
Advantech WebAccess < 8.0 - Remote Code Execution via Heap-Based Buffer Overflow
CVSS 9.8
CVE-2016-0856 CRITICAL
Advantech WebAccess < 8.0 - Remote Code Execution via Stack-Based Buffer Overflow
CVSS 9.8
CVE-2016-0851 HIGH
Advantech WebAccess < 8.0 - Denial of Service via Out-of-Bounds Memory Access
CVSS 7.5
CVE-2016-0778 HIGH
OpenSSH 5.x-7.x < 7.1p2 - Denial of Service via Roaming Connection Descriptor Mismanagement
CVSS 8.1
CVE-2016-0946 CRITICAL
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 9.8
CVE-2016-0945 CRITICAL
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 9.8
CVE-2016-0944 CRITICAL
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 9.8
CVE-2016-0942 CRITICAL
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 9.8
CVE-2016-0939 HIGH
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 8.8
CVE-2016-0938 HIGH
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 8.8
CVE-2016-0936 HIGH
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 8.8
CVE-2016-0933 CRITICAL
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High