CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2016-0931 HIGH
Adobe Reader/Acrobat <11.0.14, DC Classic <15.006.30119, DC Continu...
CVSS 8.8
CVE-2016-0035 HIGH
Microsoft Excel - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-0024 HIGH
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
CVSS 8.8
CVE-2016-0015 HIGH
Microsoft Windows - Remote Code Execution via Crafted File in DirectShow
CVSS 7.8
CVE-2016-0010 HIGH
Microsoft Office and Excel for Mac - Remote Code Execution via Crafted Office Document
CVSS 7.8
CVE-2016-0003 CRITICAL
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 9.6
CVE-2016-0002 HIGH
Microsoft JScript and VBScript - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2016-1131 HIGH
Takumi Yamada DX Library <3.16 - RCE
CVSS 7.8
CVE-2016-1283 CRITICAL
PCRE 8.38 - Heap-Based Buffer Overflow
CVSS 9.8
CVE-2015-20001 HIGH
Rust < 1.2.0 - Memory Safety Violation via BinaryHeap Panic
CVSS 7.5
CVE-2015-0565 CRITICAL
Google Native Client - Memory Corruption via CLFLUSH Instruction
CVSS 10.0
CVE-2015-5290 HIGH
ircd-ratbox 3.0.9 - Denial of Service in MONITOR Command Handler
CVSS 7.5
CVE-2015-3166 CRITICAL
PostgreSQL <9.0.20-9.4.2 - Info Disclosure
CVSS 9.8
CVE-2015-1006 CRITICAL
Opto 22 PAC Project Professional < R9.4006 - Heap-Based Buffer Overflow
CVSS 9.8
CVE-2015-1007 HIGH
Opto 22 PAC Project Professional < R9.4008 - Stack-based Buffer Overflow via Crafted Configuration File
CVSS 7.8
CVE-2015-6458 HIGH
Moxa SoftCMS < 1.3 - Buffer Overflow
CVSS 8.8
CVE-2015-6457 HIGH
Moxa SoftCMS < 1.3 - Buffer Overflow
CVSS 8.8
CVE-2015-9262 CRITICAL
Debian Linux < 1.1.15 - Memory Corruption
CVSS 9.8
CVE-2015-9224 CRITICAL
Qualcomm MDM9206 and related firmware - Buffer Overflow in QURTK_write()
CVSS 9.8
CVE-2015-9223 CRITICAL
Qualcomm MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and SD 800 Firmware - Buffer Overflow in Audio Buffer Processing
CVSS 9.8
CVE-2015-9212 CRITICAL
Qualcomm MSM8909W, SD 210/212/205, SD 400, SD 410/12, SD 800 Firmware - Buffer Overread via TZ_PR_CMD_SAVE_KEY Command
CVSS 9.8
CVE-2015-9211 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Overread in Playready Module
CVSS 9.8
CVE-2015-9210 CRITICAL
Qualcomm Multiple Chipsets Firmware - Memory Overread in playready_licacq_process_response()
CVSS 9.8
CVE-2015-9207 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Buffer Overread via playready_getadditional_responsedata
CVSS 9.8
CVE-2015-9206 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Buffer Overread in Playready XML Message Encoding
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High