CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-1340
Apple Safari < 6.1.5 and 7.x < 7.0.5 - Remote Code Execution via Memory Corruption
CVE-2014-1325
Apple Safari < 6.1.5 and 7.x < 7.0.5 - Remote Code Execution via Memory Corruption
CVE-2014-4643
Core FTP LE 2.2 build 1798 - Buffer Overflow
CVE-2014-3493
Samba 3.6.x-4.1.x - Authenticated Denial of Service via Unicode Pathname Conversion Failure
CVE-2014-4337
cups-filters < 1.0.52 - Denial of Service via Crafted Packet Data in process_browse_data
CVE-2014-4334
Ubisoft Rayman Legends <1.3.140380 - Buffer Overflow
CVE-2014-2782
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVE-2014-4049
PHP < 5.3.29 - Heap-Based Buffer Overflow via DNS TXT Record Parsing
CVE-2014-4021
Xen 3.2.x-4.4.x - Information Disclosure via Improper Memory Page Cleaning
CVE-2014-4174
Wireshark 1.10.x < 1.10.4 - Remote Code Execution via Crafted Packet-Trace File
CVE-2014-4190
Huawei Campus Series Switches - Buffer Overflow
CVE-2014-4044
OpenAFS 1.6.8 - Denial of Service via Uninitialized Memory Access in Host Structure
CVE-2014-2004
SEIL PPP Access Concentrator - Denial of Service via Crafted TCP Packet
CVE-2014-4158
Kolibri 2.0 - Remote Code Execution via Long URI in GET Request
CVE-2014-2978
DirectFB 1.4.4 - Remote Code Execution via Voodoo Interface Out-of-Bounds Write
CVE-2014-3157
Google Chrome < 35.0.1916.153 - Heap-Based Buffer Overflow in FFmpegVideoDecoder
CVE-2014-3156
Google Chrome < 35.0.1916.153 - Buffer Overflow via Clipboard Bitmap Data
CVE-2014-1543
Firefox < 29.0.1 - Remote Code Execution via Gamepad API
CVE-2014-1542
Opensuse < 29.0.1 - Memory Corruption
CVE-2014-1534
Firefox < 29.0.1 - Memory Corruption and Remote Code Execution
CVE-2014-0536
Adobe Flash Player < 13.0.0.223 and 14.x < 14.0.0.125 - Remote Code Execution via Memory Corruption
CVE-2014-2778
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 - Remote Code Execution via Crafted Embedded Font
CVE-2014-2776
Microsoft Internet Explorer 11 - Remote Code Execution via Memory Corruption
CVE-2014-2775
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
CVE-2014-2773
Microsoft Internet Explorer 6-8 - Remote Code Execution via Memory Corruption
Details
Vulnerabilities 14,011
Exploit Likelihood High