CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-2795
Microsoft Internet Explorer 8-11 - Remote Code Execution via Memory Corruption
CVE-2014-2794
Microsoft Internet Explorer 6 and 7 - Remote Code Execution via Memory Corruption
CVE-2014-2792
Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVE-2014-2791
Microsoft Internet Explorer 9 - Remote Code Execution via Memory Corruption
CVE-2014-2790
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2789
Microsoft Internet Explorer 8-11 - Remote Code Execution via Memory Corruption
CVE-2014-2788
Microsoft Internet Explorer 6 and 7 - Remote Code Execution via Memory Corruption
CVE-2014-2787
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2786
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVE-2014-2785
Microsoft Internet Explorer 7 - Remote Code Execution via Memory Corruption
CVE-2014-4646
Foxit PDF SDK DLL < 3.1.1.2927 - Buffer Overflow via FPDFBookmark_GetTitle
CVE-2014-3113
RealPlayer < 17.0.10.8 - Remote Code Execution via MP4 Atom Parsing
CVE-2014-3100
Android 4.3 - Stack-Based Buffer Overflow in KeyStore Service via Long Key Name
CVE-2014-1382
Apple Safari < 6.1.5 and 7.x < 7.0.5 - Remote Code Execution via Memory Corruption
CVE-2014-1371
macOS X < 10.9.4 - Remote Code Execution via Dock Message Handling
CVE-2014-1370
macOS < 10.9.4 - Remote Code Execution via Crafted AppleDouble File in ZIP Archive
CVE-2014-1368
Safari < 6.1.5 and 7.x < 7.0.5 - Remote Code Execution via Memory Corruption
CVE-2014-1367
Apple iOS < 7.1.2, Safari < 6.1.5/7.x < 7.0.5, tvOS < 6.1.2 - RCE via Crafted Web Site
CVE-2014-1366
Apple tvOS < 6.1.1 - Remote Code Execution via Memory Corruption
CVE-2014-1365
Safari < 6.1.5 and 7.x < 7.0.5 - Remote Code Execution via Memory Corruption
CVE-2014-1364
Safari < 6.1.4 and 7.x < 7.0.5 - Remote Code Execution via Memory Corruption
CVE-2014-1363
Apple tvOS < 6.1.1 and Safari < 6.1.4 - Remote Code Execution via Memory Corruption
CVE-2014-1362
Apple tvOS < 6.1.1 - Remote Code Execution via Memory Corruption
CVE-2014-1357
Apple tvOS < 6.1.2 - Heap-based Buffer Overflow via Crafted Log Messages
CVE-2014-1356
Apple macOS X and iOS - Heap-based Buffer Overflow via IPC Messages
Details
Vulnerabilities 14,011
Exploit Likelihood High