CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-7092 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted TXXX Frame in ID3 Tag
CVSS 6.6
CVE-2015-7091 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted Movie File
CVSS 6.6
CVE-2015-7090 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted Movie File
CVSS 6.6
CVE-2015-7089 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted Movie File
CVSS 6.6
CVE-2015-7088 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted Movie File
CVSS 6.6
CVE-2015-7087 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted Movie File
CVSS 6.6
CVE-2015-7086 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted Movie File
CVSS 6.6
CVE-2015-7085 MEDIUM
Apple QuickTime < 7.7.8 - Remote Code Execution via Crafted Movie File
CVSS 6.6
CVE-2015-5259 HIGH
Apache Subversion - Remote Code Execution via Integer Overflow in read_string Function
CVSS 8.6
CVE-2015-6636 CRITICAL
Android mediaserver - Remote Code Execution via Crafted Media File
CVSS 9.8
CVE-2015-8726 MEDIUM
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via VeriWave File Parser
CVSS 5.5
CVE-2015-8725 MEDIUM
Wireshark 1.12.x-1.12.9 and 2.0.x-2.0.1 - Denial of Service via DIAMETER Dissector IPv6 Prefix Length Validation
CVSS 5.5
CVE-2015-8723 MEDIUM
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via AirPDcapPacketProcess Buffer Overflow
CVSS 5.5
CVE-2015-8713 MEDIUM
Wireshark 1.12.x < 1.12.9 - Denial of Service via UMTS FP Dissector Memory Access
CVSS 5.5
CVE-2015-7422 MEDIUM
IBM i Access 7.1 - Denial of Service via Buffer Overflow
CVSS 5.5
CVE-2015-2023 HIGH
IBM i Access 7.1 - Local Privilege Escalation via Buffer Overflow
CVSS 8.8
CVE-2015-2895 HIGH
Idera Uptime Infrastructure Monitor 7.4 - Buffer Overflow
CVSS 7.3
CVE-2015-8645 HIGH
Adobe AIR < 20.0.0.233 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2015-8636 HIGH
Adobe AIR < 20.0.0.233 - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2015-8460 HIGH
Adobe Flash Player <18.0.0.324, 19.x, 20.x - Memory Corruption
CVSS 8.8
CVE-2015-8459 CRITICAL
Adobe Flash Player <18.0.0.324,19.x,20.x - Memory Corruption
CVSS 10.0
CVE-2015-8663 HIGH
FFmpeg - Denial of Service via Crafted .mov File
CVSS 8.3
CVE-2015-8662 HIGH
FFmpeg < 2.8.3 - Denial of Service via JPEG 2000 DWT Decoding
CVSS 7.3
CVE-2015-8661 HIGH
FFmpeg < 2.8.3 - Denial of Service via H.264 Slice Header Thread Validation
CVSS 8.3
CVE-2015-7937
Schneider Electric Modicon M340 PLC - Buffer Overflow
Details
Vulnerabilities 14,008
Exploit Likelihood High