CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,008 vulnerabilities with CWE-119
CVE-2015-6108
Microsoft Windows and Office - Remote Code Execution via Crafted Embedded Font
CVE-2015-6107
Microsoft Windows and Office - Remote Code Execution via Crafted Embedded Font
CVE-2015-6106
Microsoft Windows Font Library - Remote Code Execution via Crafted Embedded Font
CVE-2015-6083
Microsoft Internet Explorer <11 - Code Injection
CVE-2015-6040
Microsoft Office < - Code Injection
CVE-2015-8507
Android 6.0 <2015-12-01 - Memory Corruption
CVE-2015-8506
Android <5.1.1 LMY48Z & 6.0 - Memory Corruption
CVE-2015-8505
Android < 5.1.1 - Remote Code Execution via Crafted Media File
CVE-2015-6634
Android < 5.1.1 - Remote Code Execution via Crafted Media File
CVE-2015-6633
Android < 5.1.1 LMY48Z and 6.0 < 2015-12-01 - Remote Code Execution via Crafted Media File
CVE-2015-6617
Android Skia < 5.1.1 LMY48Z and 6.0 < 2015-12-01 - Remote Code Execution via Crafted Media File
CVE-2015-6616
Android < 5.1.1 LMY48Z and 6.0 before 2015-12-01 - Remote Code Execution via Crafted Media File
CVE-2015-8480
Google Chrome < 46.0.2490.86 - Use-After-Free in VideoFramePool
CVE-2015-8479
Google Chrome <47.0.2526.73 - Use After Free
CVE-2015-6778
Google Chrome < 46.0.2490.86 - Out-of-Bounds Memory Access in CJBig2_SymbolDict
CVE-2015-6776
Google Chrome < 46.0.2490.86 - Use-After-Free in PDFium JPEG 2000 Handling
CVE-2015-6773
Google Chrome < 46.0.2490.86 - Out-of-Bounds Memory Access in Skia Convolution Implementation
CVE-2015-6771
Google Chrome < 46.0.2490.86 - Out-of-Bounds Memory Access in V8 Array Operations
CVE-2015-6764
CRITICAL
Google Chrome < 46.0.2490.86 - Denial of Service via JSON Stringifier Array Handling
CVSS 9.8
CVE-2015-8076
Cyrus IMAP <2.3.19-2.5.4 - Info Disclosure
CVE-2015-8395
PCRE < 8.38 - Denial of Service via Crafted Regular Expression
CVE-2015-8392
PCRE < 8.38 - Denial of Service via Crafted Regular Expression
CVE-2015-8391
CRITICAL
PCRE < 8.38 - Denial of Service via Crafted Regular Expression with Nested [:
CVSS 9.8
CVE-2015-8389
CRITICAL
PCRE < 8.37 - Denial of Service via Recursive Regular Expression Pattern
CVSS 9.8
CVE-2015-8388
PCRE <8.38 - Buffer Overflow
Details
Vulnerabilities
14,008
Exploit Likelihood
High