CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-2825
Microsoft Internet Explorer 10 and 11 - Remote Code Execution via Memory Corruption
CVE-2014-2824
Microsoft Internet Explorer 8 - Remote Code Execution via Memory Corruption
CVE-2014-2823
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2822
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2821
Microsoft Internet Explorer 8 and 9 - Remote Code Execution via Memory Corruption
CVE-2014-2820
Internet Explorer 6-11 - Remote Code Execution via Memory Corruption
CVE-2014-2818
Microsoft Internet Explorer 10 - Remote Code Execution or Denial of Service via Memory Corruption
CVE-2014-2811
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2810
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2808
Microsoft Internet Explorer 10 and 11 - Remote Code Execution via Memory Corruption
CVE-2014-2796
Microsoft Internet Explorer 10 and 11 - Remote Code Execution via Memory Corruption
CVE-2014-2784
Microsoft Internet Explorer 8-11 - Remote Code Execution via Memory Corruption
CVE-2014-2774
Microsoft Internet Explorer 6-11 - Remote Code Execution via Memory Corruption
CVE-2014-2357
SUBNET SubSTATION Server <2.12 HF18808 - DoS
CVE-2014-4647
Embarcadero ER/Studio Data Architect - Buffer Overflow
CVE-2014-3459
SolarWinds Network Configuration Manager < 7.3 - Remote Code Execution via PEstrarg1 Property
CVE-2014-3434
Symantec Endpoint Protection 11.x-12.x - Local Buffer Overflow via sysplant Driver IOCTL
CVE-2014-5165
Wireshark 1.10.x < 1.10.9 - Denial of Service via ASN.1 BER Dissector Padding Validation
CVE-2014-5164
Wireshark - Denial of Service in RLC Dissector via Crafted Packet
CVE-2014-5163
Wireshark 1.10.x < 1.10.9 - Denial of Service in APN Decode Functionality
CVE-2014-5162
Wireshark - Denial of Service via Catapult DCT2000 Dissector Buffer Underflow
CVE-2014-5161
Wireshark 1.10.x < 1.10.9 - Denial of Service via IrDA Dissector Buffer Underflow
CVE-2014-3488
Netty < 3.9.2 - Denial of Service via SSLv2Hello Message
CVE-2014-4979
Apple QuickTime - Memory Corruption
CVE-2014-4927
ACME micro_httpd - Denial of Service via Long URI in GET Request
Details
Vulnerabilities 14,011
Exploit Likelihood High