CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2014-1746
Google Chrome < 35.0.1916.114 - Denial of Service via InMemoryUrlProtocol Integer Overflow
CVE-2014-3791
Easy File Sharing Web Server 6.8 - Remote Code Execution via UserID Cookie Buffer Overflow
CVE-2014-3776
CHICKEN < 4.9.0 - Buffer Overflow in srfi-4 read-u8vector! Procedure
CVE-2014-3735
Intel Indeo Video 4.5 - Denial of Service via Crafted AVI File
CVE-2014-3715
Xen 4.4.x - Buffer Overflow via Crafted 32-bit Guest Kernel
CVE-2014-3452
K-lite Codec Pack < 10.4.5 - Denial of Service via Crafted JPG File
CVE-2014-0749
TORQUE Resource Manager 2.5.x-2.5.13 - Remote Code Execution via Large Count Value
CVE-2014-0782
Yokogawa CENTUM CS 1000/3000, VP, Exaopc, B/M9000CS/VP - Remote Code Execution
CVE-2014-0210
libXfont < 1.4.8 and 1.4.9x < 1.4.99.901 - Remote Code Execution via Crafted XFS Protocol Reply
CVE-2014-3443
JetAudio < 8.1.1 - Denial of Service via Crafted OGG File
CVE-2014-3441
VideoLAN VLC Media Player 2.1.3 - Denial of Service via Crafted PNG File
CVE-2014-1815
Microsoft Internet Explorer <11 - Code Injection
CVE-2014-0529
Adobe Acrobat and Reader - Buffer Overflow
CVE-2014-0526
Adobe Acrobat and Reader 10.x < 10.1.10 and 11.x < 11.0.07 - Remote Code Execution via Memory Corruption
CVE-2014-0524
Adobe Acrobat and Reader 10.x-10.1.9 and 11.x-11.0.06 - Remote Code Execution via Memory Corruption
CVE-2014-0523
Adobe Acrobat and Reader 10.x < 10.1.10 and 11.x < 11.0.07 - Remote Code Execution via Memory Corruption
CVE-2014-0522
Adobe Reader and Acrobat 10.x < 10.1.10 and 11.x < 11.0.07 - Remote Code Execution via Memory Corruption
CVE-2014-0513
Adobe Illustrator CS6 < 16.0.5 and 16.2.x < 16.2.2 - Stack-based Buffer Overflow
CVE-2014-0310
Microsoft Internet Explorer <11 - Code Injection
CVE-2014-3243
SOAPpy < 0.12.6 - Denial of Service via Nested Entity Expansion
CVE-2014-2136
Cisco ARF player <SP32 EP16 - T28.12 - T29.2 - RCE
CVE-2014-2135
Cisco ARF player <SP32 EP16/T28.12/T29.2 - RCE
CVE-2014-2134
Cisco WebEx Recording Format <T29.2 - RCE
CVE-2014-2133
Cisco ARF player <SP32 EP16/T28.12/T29.2 - RCE
CVE-2014-2132
Cisco WebEx Recording Format Player and Advanced Recording Format Player - Denial of Service via Crafted WRF or ARF File
Details
Vulnerabilities 14,011
Exploit Likelihood High