CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2015-1711
Microsoft Internet Explorer 11 - Memory Corruption
CVE-2015-1710
Microsoft Internet Explorer <11 - Code Injection
CVE-2015-1709
Microsoft Internet Explorer <11 - Code Injection
CVE-2015-1708
Microsoft Internet Explorer <9 - Code Injection
CVE-2015-1706
Microsoft Internet Explorer 11 - Memory Corruption
CVE-2015-1705
Microsoft Internet Explorer <11 - Code Injection
CVE-2015-1694
Microsoft Internet Explorer <11 - Code Injection
CVE-2015-1691
Microsoft Internet Explorer 8-9 - Code Injection
CVE-2015-1689
Microsoft Internet Explorer <11 - Code Injection
CVE-2015-1683
Microsoft Office 2007 SP3 - Remote Code Execution via Crafted Document
CVE-2015-1682
Microsoft Office and Excel - Remote Code Execution via Crafted Document
CVE-2015-1681
Microsoft Windows - Denial of Service via Crafted .msc File
CVE-2015-1658
Microsoft Internet Explorer 11 - Memory Corruption
CVE-2015-3622
GNU Libtasn1 <4.5 - DoS
CVE-2015-1860
Fedora < 4.8.6 - Memory Corruption
CVE-2015-1859
Fedora < 4.8.6 - Memory Corruption
CVE-2015-1858
Digia QT < 4.8.6 - Memory Corruption
CVE-2015-3633
Foxit Reader, Enterprise Reader, and PhantomPDF < 7.1.5 - Denial of Service via Digital Signature Handling
CVE-2015-3632
Foxit Reader, Enterprise Reader, and PhantomPDF < 7.1.5 - Denial of Service via Crafted GIF in PDF
CVE-2015-1863
Canonical Ubuntu Linux - Memory Corruption
CVE-2015-3310
Paul's PPP Package <2.4.6 - Buffer Overflow
CVE-2015-3145
cURL/libcurl <7.42 - DoS
CVE-2015-3144
Oracle MySQL Enterprise Monitor < 2.3.20 - Denial of Service via Zero-Length Hostname
CVE-2015-1246
Google Chrome <42.0.2311.90 - DoS
CVE-2015-1240
Google Chrome <42.0.2311.90 - DoS
Details
Vulnerabilities 14,011
Exploit Likelihood High