CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-8593 CRITICAL
Qualcomm Android - Buffer Overflow
CVSS 9.8
CVE-2015-2675 HIGH
librest - Denial of Service via OAuth Pointer Truncation
CVSS 7.5
CVE-2015-0576 HIGH
Google Android - Memory Corruption
CVSS 7.0
CVE-2015-1817 CRITICAL
musl libc 0.9.15-1.0.4 and 1.1.0-1.1.7 - Stack-based Buffer Overflow in inet_pton
CVSS 9.8
CVE-2015-1783 HIGH
Fedora < 2.4.0 - Memory Corruption
CVSS 7.5
CVE-2015-7894 HIGH
Samsung Galaxy S6 Edge Firmware - Remote Code Execution via Crafted JPG Image
CVSS 8.8
CVE-2015-0786 CRITICAL
Novell ZENworks Configuration Management - Stack-based Buffer Overflow in Preboot Policy Service Logging
CVSS 9.8
CVE-2015-6585 HIGH
Hangul Word Processor - Remote Code Execution via Crafted HWPX Para Text Tag
CVSS 7.8
CVE-2015-1438 HIGH
Panda Security Kernel Memory Access Driver <1.0.0.13 - Buffer Overflow
CVSS 7.8
CVE-2015-1332 HIGH
Oxide-Qt <1.9.1 - DoS/Code Injection
CVSS 8.8
CVE-2015-9101 MEDIUM
LAME 3.98-3.99.5 - Heap-Based Buffer Over-Read in fill_buffer_resample
CVSS 5.5
CVE-2015-9028 HIGH
Android - Buffer Overflow in Cryptographic Routine
CVSS 7.8
CVE-2015-9025 HIGH
Android - Buffer Overflow in QTEE Application
CVSS 7.8
CVE-2015-9023 HIGH
Android - Buffer Overflow in PlayReady API
CVSS 7.8
CVE-2015-3220 HIGH
tlslite < 0.4.9 - Denial of Service via Runtime Exception
CVSS 7.5
CVE-2015-8999 HIGH
Android - Buffer Overflow in TrustZone ELF File Loading
CVSS 7.8
CVE-2015-1522 HIGH
Bro < 2.3.1 - Denial of Service via DNP3 Packet Length Handling
CVSS 7.5
CVE-2015-1521 HIGH
Bro < 2.3.1 - Denial of Service via DNP3 Packet Length Handling
CVSS 7.5
CVE-2015-8285 HIGH
QuickHeal Total Security - Denial of Service via webssx.sys Driver
CVSS 7.5
CVE-2015-8957 MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted SUN File
CVSS 6.5
CVE-2015-6674 CRITICAL
inspircd < 2.0.19 - Buffer Underflow
CVSS 9.8
CVE-2015-7292 CRITICAL
Amazon Fire OS < 2016-01-15 - Stack-Based Buffer Overflow in havok_write Function
CVSS 9.8
CVE-2015-7272 CRITICAL
Dell iDRAC 6 < 2.80 and 7/8 < 2.21.21.21 - Buffer Overflow via Long SSH Username
CVSS 9.8
CVE-2015-8764 HIGH
FreeRADIUS 3.0-3.0.8 - Buffer Overflow in EAP-PWD Module
CVSS 8.1
CVE-2015-8026 HIGH
exfat-utils <1.2.1 - Buffer Overflow
CVSS 7.8
Details
Vulnerabilities 14,008
Exploit Likelihood High