CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-4502
sgminer <4.2.2, cgminer <4.3.5, BFGMiner <4.1.0 - Buffer Overflow
CVE-2014-4501
sgminer <4.2.2, cgminer <4.3.5, BFGMiner <3.3.0 - Buffer Overflow
CVE-2014-3939
Autodesk SketchBook Pro <6.2.6 - Buffer Overflow
CVE-2014-1549
Firefox < 30.0 and Thunderbird < 24.7 - Remote Code Execution via Web Audio Buffer Overflow
CVE-2014-4947
Citrix XenServer <6.2 SP1 - Buffer Overflow
CVE-2014-4342
MIT Kerberos 5 <1.12.2 - DoS
CVE-2014-2364
Advantech WebAccess < 7.2 - Remote Code Execution via Long String in ActiveX Control Parameters
CVE-2014-3953
FreeBSD <8.4 p14, <9.1 p17, <9.2 p10, <10.0 p7 - Info Disclosure
CVE-2014-3952
FreeBSD <8.4p14, <9.1p17, <9.2p10, <10.0p7 - Info Disclosure
CVE-2014-3888
Yokogawa CENTUM CS 1000-VP - Buffer Overflow
CVE-2014-3311
Cisco WebEx Meetings Client - Remote Code Execution via File-Sharing Feature
CVE-2014-3891
RimArts Becky! Internet Mail <2.68 - RCE
CVE-2014-3478 MEDIUM
file < 5.19 - Denial of Service via Pascal String in FILE_PSTRING Conversion
CVSS 6.5
CVE-2014-0207 MEDIUM
file < 5.19 - Denial of Service via Crafted CDF File
CVSS 6.5
CVE-2014-2813
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVE-2014-2809
Microsoft Internet Explorer 6-11 - Remote Code Execution via Memory Corruption
CVE-2014-2807
Microsoft Internet Explorer 6-11 - Remote Code Execution via Crafted Web Site
CVE-2014-2806
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2804
Microsoft Internet Explorer 8-11 - Remote Code Execution via Memory Corruption
CVE-2014-2803
Microsoft Internet Explorer 8-10 - Remote Code Execution via Memory Corruption
CVE-2014-2802
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2801
Microsoft Internet Explorer 10 and 11 - Remote Code Execution via Memory Corruption
CVE-2014-2800
Microsoft Internet Explorer 6-11 - Remote Code Execution via Memory Corruption
CVE-2014-2798
Microsoft Internet Explorer 8-11 - Remote Code Execution via Memory Corruption
CVE-2014-2797
Microsoft Internet Explorer 6-8 - Remote Code Execution via Memory Corruption
Details
Vulnerabilities 14,011
Exploit Likelihood High