CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-9205 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Buffer Over-Read in PlayReady API
CVSS 9.8
CVE-2015-9204 CRITICAL
Qualcomm MSM8909W and Snapdragon Firmware - Buffer Overread in playready_leavedomain_generate_challenge()
CVSS 9.8
CVE-2015-9203 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Overread via playready_set_domainid
CVSS 9.8
CVE-2015-9202 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Overread in Playready Module
CVSS 9.8
CVE-2015-9199 CRITICAL
Qualcomm Snapdragon Automobile and Mobile Firmware - Memory Corruption via QSEE Buffer Address Registration
CVSS 9.8
CVE-2015-9195 CRITICAL
Qualcomm Mdm9625 Firmware - Memory Corruption
CVSS 9.8
CVE-2015-9192 CRITICAL
Qualcomm Snapdragon Firmware - Memory Corruption in Content Protection Manager
CVSS 9.8
CVE-2015-9188 CRITICAL
Qualcomm Snapdragon Firmware - Memory Corruption via Secure DEMUX Command Handler
CVSS 9.8
CVE-2015-9187 CRITICAL
Qualcomm Multiple Chipsets Firmware - Unauthorized Secure Memory Access via Buffer Overflow
CVSS 9.8
CVE-2015-9186 CRITICAL
Qualcomm MDM9206 and related firmware - Buffer Over-read in PlayReady API
CVSS 9.8
CVE-2015-9185 CRITICAL
Qualcomm Snapdragon Firmware - Memory Corruption via Secure DEMUX Response Buffer Overflow
CVSS 9.8
CVE-2015-9184 CRITICAL
Qualcomm MSM8909W and Snapdragon Firmware - Buffer Overflow in wv_dash_core_load_keys_v8
CVSS 9.8
CVE-2015-9183 CRITICAL
Qualcomm SD 410/12, SD 617, SD 650/52, SD 800, SD 808, SD 810 Firmware - Buffer Overflow via Set Certificates Command
CVSS 9.8
CVE-2015-9182 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Over-Read in OEMCrypto_GenerateSignature()
CVSS 9.8
CVE-2015-9181 CRITICAL
Qualcomm MSM8909W and Snapdragon Firmware - Buffer Over-Read in Crypto API Function
CVSS 9.8
CVE-2015-9180 CRITICAL
Qualcomm Snapdragon Firmware - Memory Corruption via SDMX_process Response Pointer
CVSS 9.8
CVE-2015-9179 CRITICAL
Qualcomm MSM8974 Firmware - Buffer Overflow in OEMCrypto_DeriveKeysFromSessionKey
CVSS 9.8
CVE-2015-9178 CRITICAL
Qualcomm Snapdragon Firmware - Memory Corruption via RMP Secure Command Processing
CVSS 9.8
CVE-2015-9177 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Over-Read in Crypto API
CVSS 9.8
CVE-2015-9176 HIGH
Qualcomm Mdm9206 Firmware - Information Disclosure
CVSS 7.5
CVE-2015-9174 CRITICAL
Qualcomm SD 410/12, SD 617, SD 650/52, SD 800, SD 808, SD 810 Firmware Memory Corruption
CVSS 9.8
CVE-2015-9173 CRITICAL
Qualcomm SD 410/412/617/650/652/800/808/810 Firmware - Memory Corruption via memscpy Return Value Mismanagement
CVSS 9.8
CVE-2015-9172 CRITICAL
Qualcomm Snapdragon Firmware - Buffer Over-Read in WideVine API Function
CVSS 9.8
CVE-2015-9171 CRITICAL
Qualcomm Multiple Chipsets - Buffer Over-Read via OEMCrypto_Dash_InstallEncapKeybox
CVSS 9.8
CVE-2015-9170 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Overread in wv_dash_core_refresh_keys()
CVSS 9.8
Details
Vulnerabilities 14,008
Exploit Likelihood High