CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,008 vulnerabilities with CWE-119
CVE-2015-8981
CRITICAL
PoDoFo - Heap-based Buffer Overflow in PdfParser::ReadXRefSubsection
CVSS 9.8
CVE-2015-4409
MEDIUM
Hikvision DS-76xxx and DS-77xxx Series Firmware < 3.3.4 - Authenticated Denial of Service via Crafted HTTP Request
CVSS 6.5
CVE-2015-4408
MEDIUM
Hikvision DS-76xxx and DS-77xxx Series Firmware < 3.3.4 - Authenticated Denial of Service via ISAPI HTTP Request
CVSS 6.5
CVE-2015-4407
MEDIUM
Hikvision DS-76xxNI-E1/2 and DS-77xxxNI-E4 Firmware < 3.4.0 - Authenticated Denial of Service via Crafted HTTP Request
CVSS 6.5
CVE-2015-8979
HIGH
Debian Linux < 3.6.0 - Memory Corruption
CVSS 7.5
CVE-2015-4049
MEDIUM
Unisys MCP-FIRMWARE 40.0 - Authenticated Denial of Service via EPSILON Codefile Memory Corruption
CVSS 6.8
CVE-2015-2181
HIGH
Roundcube Webmail < 1.1.0 - Buffer Overflow via Password or Username
CVSS 8.8
CVE-2015-7975
MEDIUM
NTP < 4.2.8p6 and 4.3.x < 4.3.90 - Denial of Service via nextvar Function
CVSS 6.2
CVE-2015-8972
CRITICAL
GNU Chess < 6.2.4 - Stack-Based Buffer Overflow in ValidateMove Function
CVSS 9.8
CVE-2015-2868
CRITICAL
Trane ComfortLink II SCC firmware >=2.0.2 <2.0.2 - Remote Code Execution via DSS Service REG Request
CVSS 9.8
CVE-2015-5073
CRITICAL
IBM Powerkvm < 8.37 - Information Disclosure
CVSS 9.1
CVE-2015-3217
HIGH
PCRE 7.8 8.32-8.37 and PCRE2 10.10 - Denial of Service via Crafted Regular Expression
CVSS 7.5
CVE-2015-8929
MEDIUM
Suse Linux Enterprise Desktop < 3.1.901a - Memory Corruption
CVSS 5.5
CVE-2015-8919
HIGH
Canonical Ubuntu Linux < 3.1.901a - Memory Corruption
CVSS 7.5
CVE-2015-8918
HIGH
Novell Suse Linux Enterprise Software... - Memory Corruption
CVSS 7.5
CVE-2015-8947
HIGH
HarfBuzz < 1.0.4 - Buffer Over-Read in hb-ot-layout-gpos-table.hh
CVSS 7.6
CVE-2015-8808
MEDIUM
GraphicsMagick < 1.3.17 - Denial of Service in GIF DecodeImage Function
CVSS 5.5
CVE-2015-3192
MEDIUM
Pivotal Spring Framework <3.2.14 & 4.x <4.1.7 - DoS
CVSS 5.5
CVE-2015-8893
MEDIUM
Android < 6.0.1 - Denial of Service via Crafted Application
CVSS 5.5
CVE-2015-7029
CRITICAL
Apple AirPort Base Station Firmware < 7.6.7 and 7.7.x < 7.7.7 - Remote Code Execution via DNS Data Misparsing
CVSS 9.8
CVE-2015-7987
CRITICAL
mDNSResponder <625.41.2 - Buffer Overflow
CVSS 9.8
CVE-2015-8869
CRITICAL
Fedora < 4.02.3 - Information Disclosure
CVSS 9.1
CVE-2015-5261
HIGH
SPICE <0.12.6 - Buffer Overflow
CVSS 7.1
CVE-2015-5260
HIGH
SPICE <0.12.6 - Buffer Overflow
CVSS 7.8
CVE-2015-8878
MEDIUM
PHP 5.5.0-5.5.27 - Denial of Service via Race Condition in Temporary File Handling
CVSS 5.9
Details
Vulnerabilities
14,008
Exploit Likelihood
High