CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-5291
PolarSSL <1.2.17, ARM mbed TLS <1.3.14, <2.1.2 - Buffer Overflow
CVE-2015-8030
SAP 3D Visual Enterprise Viewer - RCE
CVE-2015-8029
SAP 3D Visual Enterprise Viewer - RCE
CVE-2015-8028
SAP 3D Visual Enterprise Viewer - Buffer Overflow
CVE-2015-7814
Xen < 4.6.0 - Denial of Service via Race Condition in relinquish_memory
CVE-2015-6006
Medicomp MEDCIN Engine <2.22.20153.226 - RCE/DoS
CVE-2015-5040
IBM Domino 8.5.1-8.5.3 and 9.x - Remote Code Execution via Crafted GIF Image
CVE-2015-4994
IBM Domino 8.5.1-8.5.3 and 9.x - Buffer Overflow via Crafted GIF Image
CVE-2015-2901
Medicomp MEDCIN Engine <2.22.20142.166 - RCE
CVE-2015-2900
MEDCIN Engine <2.22.20153.226 - DoS
CVE-2015-2899
MEDCIN Engine <2.22.20153.226 - Buffer Overflow
CVE-2015-2898
Medicomp MEDCIN Engine <2.22.20153.226 - RCE
CVE-2015-7649
Adobe Shockwave Player <12.2.1.171 - Memory Corruption
CVE-2015-6492 HIGH
Allen-Bradley MicroLogix 1100 < 14.000 and 1400 < 15.002 - Denial of Service via Crafted HTTP Request
CVSS 7.5
CVE-2015-6490 CRITICAL
Allen-Bradley MicroLogix 1100 < 14.000 and 1400 <= 15.003 - Remote Code Execution
CVSS 9.8
CVE-2015-7986
SAP HANA <1.00.095 - Memory Corruption
CVE-2015-5220
Red Hat JBoss Enterprise Application Platform < 6.4.3 and WildFly < 2.0.0 - Denial of Service via Large Request Header
CVE-2015-6340
Cisco ASR 5000 Software 19.0.M0.60737 - Denial of Service via Crafted PMIPv6 Header
CVE-2015-7673
Gdk-pixbuf <2.32.0 - Memory Corruption
CVE-2015-5289
PostgreSQL < 9.3.10 - Denial of Service via JSON Parsing Stack Overflow
CVE-2015-1001
IniNet embeddedWebServer <2.02 - RCE
CVE-2015-7021
macOS < 10.11.1 - Local Privilege Escalation via Graphics Drivers Memory Corruption
CVE-2015-7020
Apple macOS X < 10.11.1 - Kernel Memory Exposure and Denial of Service via NVIDIA Driver
CVE-2015-7019
Apple macOS X < 10.11.1 - Kernel Memory Read and Denial of Service via NVIDIA Driver
CVE-2015-7018
Apple Iphone OS < 9.0.2 - Memory Corruption
Details
Vulnerabilities 14,008
Exploit Likelihood High