CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,008 vulnerabilities with CWE-119
CVE-2015-3868
Android < 5.1 - Remote Code Execution via Crafted Media File
CVE-2015-3867
Android < 5.1.1 - Remote Code Execution via Crafted Media File
CVE-2015-3823
Android < 5.1 - Remote Code Execution via Crafted Media File
CVE-2015-7392
FreeSWITCH < 1.4.23 and 1.6.x < 1.6.2 - Heap-Based Buffer Overflow in cJSON_Parse
CVE-2015-5653
Canary Labs Trend Web Server <9.5.2 - RCE
CVE-2015-3842
Android < 5.1.1 LMY48I - Remote Code Execution via Crafted Application in libeffects
CVE-2015-3835
Android < 5.1 - Remote Code Execution via OMXNodeInstance::emptyBuffer Buffer Overflow
CVE-2015-3832
Android < 5.1 - Remote Code Execution via MP4 NAL Unit Size Handling
CVE-2015-3831
Android < 5.1.1 - Buffer Overflow in BpMediaHTTPConnection readAt Function
CVE-2015-3828
Android < 5.1 - Remote Code Execution via Crafted 3GPP Metadata
CVE-2015-3827
Android < 5.1 - Remote Code Execution via Crafted MPEG-4 covr Atoms
CVE-2015-3826
Android < 5.1.1 - Denial of Service via Crafted 3GPP Metadata in MPEG4Extractor
CVE-2015-3824
Android < 5.1 - Remote Code Execution via Crafted MPEG-4 tx3g Atom
CVE-2015-5950
NVIDIA display driver <353.82/<341.81 - Local Privilege Escalation
CVE-2015-6806
GNU Screen < 4.3.1 - Denial of Service via Escape Sequence with Large Repeat Count
CVE-2015-5957
Remind <3.1.15 - Buffer Overflow
CVE-2015-1781
Suse Linux Enterprise Debuginfo < 2.21 - Memory Corruption
CVE-2015-5279
QEMU < 2.4.0 - Heap-Based Buffer Overflow in ne2000_receive Function
CVE-2015-7180
Firefox < 40.0.3 - Memory Corruption via ReadbackResultWriterD3D11::Run
CVE-2015-7179
Firefox < 41.0 - Remote Code Execution via VertexBufferInterface Memory Allocation
CVE-2015-7178
Firefox < 41.0 - Remote Code Execution via Shader Access Mishandling
CVE-2015-7177
Firefox < 40.0.3 - Memory Corruption via InitTextures Function
CVE-2015-7176
Firefox < 41.0 - Denial of Service via AnimationThread sscanf Buffer Overflow
CVE-2015-7175
Firefox < 40.0.3 - Memory Corruption via XULContentSinkImpl::AddText Overflow
CVE-2015-7174
Firefox < 40.0.3 - Memory Corruption via nsAttrAndChildArray::GrowBy Overflow
Details
Vulnerabilities 14,008
Exploit Likelihood High