CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,011 vulnerabilities with CWE-119
CVE-2014-7938
Chrome < 40.0.2214.91 - Memory Corruption in Fonts Implementation
CVE-2014-7937
FFmpeg < 2.4.2 - Use-After-Free via Crafted Vorbis I Data
CVE-2014-8386
Advantech AdamView < 4.3 - Remote Code Execution via Crafted GNI File Parameters
CVE-2014-2355
GE Proficy HMI/SCADA-CIMPLICITY <8.2 - Privilege Escalation
CVE-2014-9595
SAP NetWeaver Dispatcher - Buffer Overflow
CVE-2014-9594
SAP NetWeaver Dispatcher - Buffer Overflow
CVE-2014-8738
GNU binutils <2.24 - DoS
CVE-2014-10031
Qualcomm Eudora WorldMail 9.0.333.0 - Remote Code Execution via IMAPd UID Command
CVE-2014-100014
SolidWorks Workgroup PDM 2014 SP2 - Remote Code Execution via Long String in Opcode to Port 3000
CVE-2014-10022
Apache Traffic Server < 5.1.1 - Denial of Service via Internal Buffer Sizing
CVE-2014-10011
TRENDnet TV-IP422W and TV-IP422WN - Stack-Based Buffer Overflow in UltraCam ActiveX Control
CVE-2014-9495
HIGH
libpng <1.5.21, <1.6.16 - Buffer Overflow
CVSS 8.8
CVE-2014-9190
Schneider Electric Wonderware InTouch Access Anywhere Server <11.0 ...
CVE-2014-9427
PHP <5.4.36, 5.5.x<5.5.20, 5.6.x<5.6.4 - Info Disclosure
CVE-2014-9458
Hex-Rays IDA Pro <6.6 - Buffer Overflow
CVE-2014-9456
Notepad++ 6.6.9 - Buffer Overflow via Long Time Attribute in XML Event Element
CVE-2014-9451
VDG Security SENSE 2.3.13 - Remote Code Execution via AuthenticateUser Request
CVE-2014-9449
Exiv2 0.24 - Denial of Service via Long IKEY INFO Tag in AVI File
CVE-2014-9448
Mini-stream RM-MP3 Converter <3.1.2.1.2010.03.30 - Buffer Overflow
CVE-2014-8145
Sound eXchange < 14.4.1 - Heap-Based Buffer Overflow via Crafted WAV File
CVE-2014-9188
Schneider Electric ProClima <6.1.7 - Buffer Overflow
CVE-2014-8514
Schneider Electric ProClima < 6.0.1 - Buffer Overflow in MDraw30.ocx ActiveX Control
CVE-2014-8513
Schneider Electric ProClima < 6.0.1 - Buffer Overflow in MDraw30.ocx ActiveX Control
CVE-2014-8512
Schneider Electric ProClima < 6.0.1 - Buffer Overflow in Atx45.ocx ActiveX Control
CVE-2014-8511
Schneider Electric ProClima < 6.0.1 - Buffer Overflow in Atx45.ocx ActiveX Control
Details
Vulnerabilities
14,011
Exploit Likelihood
High