CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,011 vulnerabilities with CWE-119
CVE-2014-9140
tcpdump < 4.6.2 - Denial of Service via Crafted PPP Packet
CVE-2014-8123
antiword < 0.37 - Denial of Service via Crafted Document
CVE-2014-6040
glibc < 2.20 - Denial of Service via iconv Multibyte Character Handling
CVE-2014-9116
mutt 1.5.23 - Denial of Service
CVE-2014-9112
GNU Cpio 2.11 - Denial of Service via Large Block Value in Cpio Archive
CVE-2014-9050
ClamAV < 0.98.5 - Denial of Service via Crafted y0da Crypter PE File
CVE-2014-8884
Linux kernel <3.17.4 - Buffer Overflow
CVE-2014-9028
libFLAC < 1.3.0 - Heap-based Buffer Overflow via Crafted FLAC File
CVE-2014-8962
libFLAC < 1.3.0 - Remote Code Execution via Crafted FLAC File
CVE-2014-8439
HIGH
KEV
Adobe Flash Player < 11.2.202.418 - Remote Code Execution
CVSS 8.8
CVE-2014-8002
Cisco OpenH264 < 1.2.0 - Use-After-Free in decode_slice.cpp
CVE-2014-8001
Cisco OpenH264 < 1.2.0 - Remote Code Execution via Encoded Media File
CVE-2014-5314
Cybozu Office < 10.1.0, Mailwise < 5.1.4, and Dezie < 8.1.1 - Authenticated Buffer Overflow via Email Messages
CVE-2014-8713
Wireshark <1.10.11, <1.12.2 - Buffer Overflow
CVE-2014-8710
Wireshark - Denial of Service via SigComp UDVM Dissector Buffer Over-Read
CVE-2014-8626
PHP < 5.2.7 - Stack-Based Buffer Overflow in date_from_ISO8601
CVE-2014-8388
Advantech WebAccess < 7.2 - Remote Code Execution via ip_address Parameter
CVE-2014-8769
tcpdump <4.6.2 - Info Disclosure/DoS
CVE-2014-7904
Google Chrome < 39.0.2171.65 - Buffer Overflow in Skia
CVE-2014-7903
Google Chrome < 39.0.2171.65 - Buffer Overflow in PDFium OpenJPEG via Crafted JPEG Image
CVE-2014-3158
Point-to-Point Protocol < 2.4.6 - Heap-Based Buffer Overflow via Long Word in Options File
CVE-2014-4975
Ruby < 1.9.3 and 2.x through 2.1.2 - Denial of Service via Off-by-One Error in pack.c
CVE-2014-1635
Belkin N750 Router <F9K1103_WW_1.10.17m - Buffer Overflow
CVE-2014-0589
Adobe Flash Player 13.0-13.0.0.251 and 14.x-15.x < 15.0.0.223 - Remote Code Execution via Heap-Based Buffer Overflow
CVE-2014-0583
Adobe AIR < 15.0.0.356 - Heap-based Buffer Overflow
Details
Vulnerabilities
14,011
Exploit Likelihood
High