CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2015-1238
Google Chrome < 42.0.2311.90 - Out-of-Bounds Write in Skia
CVE-2015-0530
EMC NetWorker < 8.0.4.3, 8.1.x < 8.1.2.6, 8.2.x < 8.2.1.2 - Buffer Overflow in nsr_render_log
CVE-2015-1821
chrony < 1.31 - Authenticated Heap-based Buffer Overflow via NTP or cmdmon Subnet Configuration
CVE-2015-1898
IBM Tivoli Storage Manager FastBack 6.1 - Local Privilege Escalation via Stack-Based Buffer Overflow
CVE-2015-1897
IBM Tivoli Storage Manager FastBack 6.1 - Local Privilege Escalation via Stack-Based Buffer Overflow in FastBackMount
CVE-2015-0907
Lhaplus < 1.70 - Remote Code Execution via Crafted Archive
CVE-2015-0348
Redhat Enterprise Linux Desktop Supplementary - Memory Corruption
CVE-2015-2831
das_watchdog 0.9.0 - Local Buffer Overflow via XAUTHORITY Environment Variable
CVE-2015-2788
Debian Linux < 1.18 - Memory Corruption
CVE-2015-2806
Canonical Ubuntu Linux < 4.3 - Memory Corruption
CVE-2015-1144
Apple OS X <10.10.3 - Privilege Escalation
CVE-2015-1140
Apple OS X <10.10.3 - Privilege Escalation
CVE-2015-1100
Apple macOS X < 10.10.2 - Denial of Service via Out-of-Bounds Memory Access
CVE-2015-1098 HIGH
Apple iWork <8.3-10.10.3 - RCE
CVSS 7.3
CVE-2015-2782
Debian Linux - Memory Corruption
CVE-2015-1473
GNU C Library <2.21 - DoS
CVE-2015-1472
GNU C Library <2.21 - Buffer Overflow
CVE-2015-0134
IBM Domino Buffer Overflow in SSLv2 Implementation
CVE-2015-0903
Saitoh Kikaku Maruo Editor <= 8.51 - Buffer Overflow via Crafted .hmbook File
CVE-2015-2820
SAP Afaria 7.0.6001.5 - Denial of Service via XcListener Buffer Overflow
CVE-2015-2815
SAP NetWeaver KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) - Authenticated Buffer Overflow in C_SAPGPARAM
CVE-2015-0811
Firefox < 36.0.4 - Out-of-Bounds Read in QCMS Image Transformation
CVE-2015-0838
Debian Linux < 0.9.8 - Memory Corruption
CVE-2015-2785
Byzanz - Heap-Based Buffer Overflow via Crafted ByzanzRecording File
CVE-2015-2154
tcpdump < 4.7.0 - Denial of Service via Crafted Checksum Value
Details
Vulnerabilities 14,011
Exploit Likelihood High