CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-5263
QEMU 1.6.0 - Denial of Service via Missing VMSTATE_END_OF_LIST Macro
CVE-2014-3597
PHP < 5.4.32 and 5.5.x < 5.5.16 - Remote Code Execution via Crafted DNS Record
CVE-2014-5384
FreeBSD and NetBSD - Denial of Service via VIQR Module in iconv
CVE-2014-5349
Baidu Spark Browser 26.5.9999.3511 - Stack-Based Buffer Overflow via Nested window.print Calls
CVE-2014-0876
IBM Tivoli Storage Manager 5.x-6.2.5.1, 6.3.x-6.3.1, 6.4.x-6.4.1 - Buffer Overflow in Java GUI Configuration Wizard
CVE-2014-1390
Safari < 6.1.6 and 7.x < 7.0.6 - Remote Code Execution via Memory Corruption
CVE-2014-1389
Apple Safari < 6.1.6 and 7.x < 7.0.6 - Remote Code Execution via Crafted Web Site
CVE-2014-1388
Apple Safari < 6.1.6 and 7.x < 7.0.6 - Remote Code Execution via Memory Corruption
CVE-2014-1387
Apple Safari < 6.1.6 and 7.x < 7.0.6 - Remote Code Execution via Memory Corruption
CVE-2014-1386
Apple Safari < 6.1.6 and 7.x < 7.0.6 - Remote Code Execution via Memory Corruption
CVE-2014-1385
Safari < 6.1.6 and 7.x < 7.0.6 - Remote Code Execution via Memory Corruption
CVE-2014-1384
Apple Safari < 6.1.6 and 7.x < 7.0.6 - Remote Code Execution via Crafted Web Site
CVE-2014-3512
OpenSSL 1.0.1 - Buffer Overflow in SRP Parameter Handling
CVE-2014-4067
Microsoft Internet Explorer 10-11 - Memory Corruption
CVE-2014-4064
Microsoft Windows - Info Disclosure
CVE-2014-4063
Microsoft Internet Explorer 6-11 - Memory Corruption
CVE-2014-4058
Microsoft Internet Explorer <11 - Code Injection
CVE-2014-4057
Microsoft Internet Explorer 11 - Memory Corruption
CVE-2014-4056
Microsoft Internet Explorer <10 - Code Injection
CVE-2014-4055
Microsoft Internet Explorer 10-11 - Memory Corruption
CVE-2014-4052
Microsoft Internet Explorer <10 - Code Injection
CVE-2014-4051
Microsoft Internet Explorer <11 - Code Injection
CVE-2014-4050
Microsoft Internet Explorer 10-11 - Memory Corruption
CVE-2014-2827
Microsoft Internet Explorer 6-11 - Remote Code Execution via Memory Corruption
CVE-2014-2826
Microsoft Internet Explorer 6-11 - Remote Code Execution via Memory Corruption
Details
Vulnerabilities 14,011
Exploit Likelihood High