CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-9843 CRITICAL
ImageMagick 6.8.9.9 - Memory Corruption in DecodePSDPixels
CVSS 9.8
CVE-2014-9913 MEDIUM
Info-Zip UnZip 6.0 - Buffer Overflow in list_files Function
CVSS 4.0
CVE-2014-9912 CRITICAL
PHP < 5.3.29, 5.4.x < 5.4.30, 5.5.x < 5.5.14 - Buffer Overflow via locale_get_display_name
CVSS 9.8
CVE-2014-9911 CRITICAL
International Components for Unicode < 54.1 - Stack-based Buffer Overflow in ures_getByKeyWithFallback
CVSS 9.8
CVE-2014-9882 HIGH
Android <2016-08-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9874 HIGH
Android <2016-08-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9871 HIGH
Qualcomm Android <2016-08-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9902 CRITICAL
Android < 6.0.1 - Remote Code Execution via Crafted 802.11 Management Frame
CVSS 9.8
CVE-2014-9788 HIGH
Qualcomm Android <2016-07-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9786 HIGH
Android <2016-07-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9784 HIGH
Qualcomm Android <2016-07-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9781 HIGH
Android <2016-07-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9778 HIGH
Android <2016-07-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9777 HIGH
Android <2016-07-05 - Privilege Escalation
CVSS 7.8
CVE-2014-9765 HIGH
xdelta3 <3.0.9 - Remote Code Execution
CVSS 8.8
CVE-2014-9761 CRITICAL
GNU C Library <2.23 - Buffer Overflow
CVSS 9.8
CVE-2014-9655 MEDIUM
LibTIFF - Denial of Service
CVSS 6.5
CVE-2014-9769 HIGH
PCRE 8.35 - Denial of Service via Nested Alternatives Optimization
CVSS 7.3
CVE-2014-6450
Juniper Junos OS Multiple Versions - DoS via Crafted IPv6 Packets
CVE-2014-9202
Advantech WebAccess <8.0_20150816 - Buffer Overflow
CVE-2014-8611
Apple iOS < 9 and macOS < 10.10.5 - Heap-Based Buffer Overflow in stdio __sflush Function
CVE-2014-7216
Yahoo! Messenger <11.5.0.228 - Buffer Overflow
CVE-2014-9208
Advantech WebAccess <8.0.1 - Buffer Overflow
CVE-2014-9728
Linux Kernel < 3.18.1 - Denial of Service via UDF Filesystem Length Validation
CVE-2014-9651
CHICKEN <4.9.0.2-5.0 - Buffer Overflow
Details
Vulnerabilities 14,011
Exploit Likelihood High