CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-9164 CRITICAL
Qualcomm MSM8909W and Snapdragon Firmware - Buffer Overread in Playready
CVSS 9.8
CVE-2015-9161 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Buffer Overflow via TOCTOU in playready_reader_bind()
CVSS 9.8
CVE-2015-9159 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Overflow in OEMCrypto_GetRandom
CVSS 9.8
CVE-2015-9158 CRITICAL
Qualcomm Multiple Chipsets Firmware - Buffer Overflow in QTEE Crypto Function
CVSS 9.8
CVE-2015-9157 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Buffer Overflow via Widevine Dash Command Handler Race Condition
CVSS 9.8
CVE-2015-9156 CRITICAL
Qualcomm Mdm9206 Firmware - Memory Corruption
CVSS 9.8
CVE-2015-9153 CRITICAL
Qualcomm Snapdragon Firmware - Buffer Over-Read in DRM Function
CVSS 9.8
CVE-2015-9150 CRITICAL
Qualcomm MDM9625, MDM9635M, SD 400, and SD 800 Firmware - Buffer Overflow via Diag Event Length Calculation
CVSS 9.8
CVE-2015-9148 CRITICAL
Qualcomm Snapdragon Automobile and Mobile Firmware - Buffer Overflow via Diag User-PD Command Registration
CVSS 9.8
CVE-2015-9144 CRITICAL
Qualcomm MDM9206 and Snapdragon Firmware - Buffer Overflow in Scheduling Message Processing
CVSS 9.8
CVE-2015-9143 CRITICAL
Qualcomm MDM9206 and Snapdragon Firmware - Buffer Overflow via eMMC CDT Meta Offset
CVSS 9.8
CVE-2015-9141 CRITICAL
Qualcomm Mdm9206 Firmware - Memory Corruption
CVSS 9.8
CVE-2015-9138 CRITICAL
Qualcomm MDM9206 and related firmware - Buffer Overflow in RSA Encryption via ce_util_to_unsigned_bin
CVSS 9.8
CVE-2015-9136 CRITICAL
Qualcomm Mdm9206 Firmware - Memory Corruption
CVSS 9.8
CVE-2015-9128 CRITICAL
Qualcomm Multiple Chips - Buffer Overread
CVSS 9.8
CVE-2015-9126 CRITICAL
Qualcomm MDM9607 and Snapdragon Firmware - Buffer Overflow via 1X Circuit Service Message
CVSS 9.8
CVE-2015-9122 CRITICAL
Qualcomm MDM9206 and Snapdragon Firmware - Buffer Overflow via SIM Card Stream APDU Response
CVSS 9.8
CVE-2015-9118 CRITICAL
Qualcomm Mdm9615 Firmware - Memory Corruption
CVSS 9.8
CVE-2015-9112 CRITICAL
Qualcomm MDM9625, SD 400, SD 800, SD 820, and SD 820A Firmware - Buffer Overflow in QSEE
CVSS 9.8
CVE-2015-5315 MEDIUM
wpa_supplicant 2.0-2.5 - Denial of Service via EAP-pwd Message Fragment Handling
CVSS 5.9
CVE-2015-5314 MEDIUM
wpa_supplicant 2.0-2.5 - Denial of Service via EAP-pwd Final Fragment Length Validation
CVSS 5.9
CVE-2015-1290 HIGH
Google V8 engine <44.0.2403.89 - Memory Corruption
CVSS 8.8
CVE-2015-3249 CRITICAL
Apache Traffic Server <5.3.1 - DoS/Code Injection
CVSS 9.8
CVE-2015-4422 HIGH
Huawei Mate 7 Firmware < V100R001CHNC00B126SP03 - Memory Corruption in TEEOS Module
CVSS 7.0
CVE-2015-4421 HIGH
Huawei Mate 7 Firmware < V100R001CHNC00B126SP03 - Memory Corruption in tzdriver Module
CVSS 7.5
Details
Vulnerabilities 14,008
Exploit Likelihood High