CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-7913
dhcpcd < 6.9.0 - Remote Code Execution via DHCP Message Handling
CVE-2014-7912
dhcpcd < 6.1.0 - Remote Code Execution via DHCPACK Option Length Mismatch
CVE-2014-8176
OpenSSL < 0.9.8za, 1.0.0 < 1.0.0m, 1.0.1 < 1.0.1h - Denial of Service via DTLS ChangeCipherSpec Handling
CVE-2014-8146
iTunes < 12.1.3 - Heap-Based Buffer Overflow in Unicode Bidirectional Algorithm
CVE-2014-9204
Rockwell Automation RSLinx Classic <3.73.00 - Buffer Overflow
CVE-2014-9160
Adobe Reader/Acrobat <10.1.14, <11.0.11 - Buffer Overflow
CVE-2014-9488
GNU less <475 - Info Disclosure
CVE-2014-8390
Schneider Electric VAMPSET < 2.2.145 - Privilege Escalation via Malformed CFG or DAT File
CVE-2014-2830
cifs-utils < 6.3 - Stack-based Buffer Overflow
CVE-2014-9709
PHP < 5.5.21 and 5.6.x < 5.6.5 - Denial of Service via Crafted GIF Image Handling
CVE-2014-9705
PHP < 5.4.37 - Heap-based Buffer Overflow in enchant_broker_request_dict
CVE-2014-9652
PHP < 5.4.37 - Denial of Service via mconvert Function in softmagic.c
CVE-2014-9205
MICROSYS PROMOTIC <8.2.19, <8.3.2 - Buffer Overflow
CVE-2014-9206
Schneider Electric Invensys - Buffer Overflow
CVE-2014-9679
CUPS < 2.0.1 - Buffer Overflow via Malformed Compressed Raster File
CVE-2014-8385
Advantech EKI-1200 Gateway Series Firmware < 1.62 - Remote Code Execution
CVE-2014-9673
FreeType <2.5.4 - DoS
CVE-2014-9672
FreeType <2.5.4 - DoS/Info Disclosure
CVE-2014-9668
FreeType <2.5.4 - DoS
CVE-2014-9667
FreeType <2.5.4 - DoS
CVE-2014-9665
FreeType <2.5.4 - DoS
CVE-2014-9664
FreeType <2.5.4 - DoS
CVE-2014-9663
FreeType < 2.5.3 - Out-of-Bounds Read in tt_cmap4_validate
CVE-2014-9662
FreeType <2.5.4 - DoS
CVE-2014-9659
FreeType <2.5.4 - Denial of Service
Details
Vulnerabilities 14,011
Exploit Likelihood High