CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-8386 CRITICAL
PCRE < 8.38 - Buffer Overflow via Lookbehind Assertions and Mutually Recursive Subpatterns
CVSS 9.8
CVE-2015-8385
PCRE <8.38 - Buffer Overflow
CVE-2015-8384
PCRE < 8.38 - Buffer Overflow via Recursive Back References
CVE-2015-8383 CRITICAL
PCRE < 8.37 - Buffer Overflow via Repeated Conditional Groups
CVSS 9.8
CVE-2015-8382
PCRE - Use-After-Free in pcre_exec.c Match Function
CVE-2015-8381
PCRE < 8.38 - Heap-Based Buffer Overflow via Crafted Regular Expression
CVE-2015-8380
PCRE < 8.38 - Heap-Based Buffer Overflow via Crafted Regular Expression
CVE-2015-2327
PCRE < 8.35 - Denial of Service via Recursive Back Reference Pattern
CVE-2015-8365
FFmpeg <2.6.5, 2.7.x <2.7.3, 2.8.x <=2.8.2 - DoS
CVE-2015-8363
FFmpeg <2.6.5, <2.7.x-2.7.3, <2.8.x-2.8.2 - DoS
CVE-2015-8330
SAP Plant Connectivity - Denial of Service via Crafted xMII Requests
CVE-2015-8328
NVIDIA GPU graphics driver <341.92, <354.35, <358.87 - Info Disclosure
CVE-2015-8083
Huawei eSpace Firmware < v100r001c20 - Denial of Service via Timeout Message Processing
CVE-2015-7942
libxml2 - Denial of Service
CVE-2015-7941
libxml2 2.9.2 - DoS
CVE-2015-8221
Google Picasa < 3.9.140 - Remote Code Execution via CAMF Section Integer Overflow
CVE-2015-8220
SolarWinds DameWare Mini Remote Control <12.0.1 - Buffer Overflow
CVE-2015-7805
libsndfile 1.0.25 - Buffer Overflow
CVE-2015-7897
Samsung Galaxy S6 Edge - Memory Corruption
CVE-2015-3977
Schneider Electric IMT25 - Buffer Overflow
CVE-2015-2698
MIT Kerberos 5 1.14 pre-release 2015-09-14 - Authenticated Memory Corruption via gss_export_sec_context Function
CVE-2015-6098
Windows Vista/Server 2008/7 NDIS Buffer Overflow Local Privilege Escalation
CVE-2015-6097
Windows Journal - Remote Code Execution via Crafted Journal File
CVE-2015-6094
Microsoft Excel Remote Code Execution via Crafted Office Document
CVE-2015-6093
Microsoft Office 2007-2016, SharePoint 2010/2013, Office Web Apps - RCE via Crafted Document
Details
Vulnerabilities 14,008
Exploit Likelihood High