CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-2427
Microsoft Internet Explorer 9 - Remote Code Execution via Memory Corruption
CVE-2015-7992
SAP HANA DB <1.00.73.00.389160 - DoS
CVE-2015-5214
LibreOffice <4.4.6,5.x <5.0.1 & Apache OpenOffice <4.1.2 - Denial of Service
CVE-2015-8096
Google Picasa 3.9.140 Build 239 and Build 248 - Remote Code Execution via Phase One Tag Processing
CVE-2015-7295
QEMU < 2.4.1 - Denial of Service via Jumbo Frame Flood on Virtio-Net Interface
CVE-2015-5218
util-linux < 2.27 - Denial of Service via Crafted File in colcrt
CVE-2015-5225
QEMU <2.4.0.1 - Buffer Overflow
CVE-2015-7696
Info-ZIP UnZip 6.0 - DoS/Heap-Based Buffer Overflow
CVE-2015-7199
Firefox < 41.0.2 - Memory Corruption via SVG Path Segments
CVE-2015-7198
Firefox < 41.0.2 - Memory Corruption via Crafted Texture Data
CVE-2015-7194
Firefox < 41.0.2 - Buffer Underflow via Crafted ZIP Archive
CVE-2015-7189
Firefox < 42.0 - Remote Code Execution via JPEGEncoder Race Condition
CVE-2015-7183
Firefox < 41.0.2 - Remote Code Execution via Integer Overflow in PL_ARENA_ALLOCATE
CVE-2015-7182 CRITICAL
Oracle Traffic Director < 3.19.2.0 - Memory Corruption
CVSS 9.8
CVE-2015-7181
Mozilla Network Security Services < 3.19.2.1 and 3.20.x < 3.20.1 - Use-After-Free via OCTET STRING Data
CVE-2015-4514
Firefox < 41.0.2 - Remote Code Execution via Memory Corruption
CVE-2015-4513
Firefox < 41.0.2 - Memory Corruption and Remote Code Execution
CVE-2015-7650
Adobe Reader/Acrobat <10.1.16/11.0.13 - Memory Corruption
CVE-2015-8073
Android 4.4 and 5.1 - Remote Code Execution via Crafted Media File
CVE-2015-8072
Android <5.1.1 LMY48X & 6.0 - Memory Corruption
CVE-2015-6610
Android < 5.1.1 LMY48X and 6.0 < 2015-11-01 - Memory Corruption in libstagefright
CVE-2015-6609
Android < 5.1.1 LMY48X and 6.0 < 2015-11-01 - Remote Code Execution via Crafted Audio File
CVE-2015-6608
Android 5.x < 5.1.1 LMY48X and 6.0 < 2015-11-01 - Remote Code Execution via Crafted Media File
CVE-2015-8036
ARM mbed TLS <2.1.2 - Buffer Overflow
CVE-2015-6031
MiniUPnPc <1.9.20150917 - Buffer Overflow
Details
Vulnerabilities 14,008
Exploit Likelihood High