CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-4527
QEMU <1.7.2 - Remote Code Execution
CVE-2013-4526
QEMU <1.7.2 - Remote Code Execution
CVE-2013-4150
QEMU 1.5.0-1.7.x - Denial of Service or Remote Code Execution via Virtio-Net Queue Handling
CVE-2013-4149
QEMU 1.3.0-1.7.1 - Buffer Overflow in virtio-net MAC Table Handling
CVE-2013-7409
ALLPlayer 5.6.2-5.8.1 - Buffer Overflow via .m3u Playlist File
CVE-2013-6691
Cisco Adaptive Security Appliance Software < 9.0(4.1) - Denial of Service via WebVPN CIFS Share List
CVE-2013-7388
Trimble SketchUp <13.0.3689 - Buffer Overflow
CVE-2013-3664
Trimble SketchUp < 2013 (13.0.3689) - Remote Code Execution via MAC Pict Texture Color Palette Table
CVE-2013-3662
SketchUp < 8.0 - Remote Code Execution via MAC Pict Texture Color Palette Table
CVE-2013-3843
Monkey HTTP Daemon < 1.2.1 - Stack-Based Buffer Overflow via Crafted HTTP Header
CVE-2013-3663
SketchUp < 8.0 - Remote Code Execution via Crafted RLE8 Compressed BMP
CVE-2013-2298
BOINC Client 7.x - Stack-based Buffer Overflow in XML Parser
CVE-2013-2019
BOINC 6.10.58 and 6.12.34 - Stack-based Buffer Overflow via Multiple file_signature Elements
CVE-2013-1864
Portable Tool Library < 2.10.10 - Denial of Service via PXML Entity Expansion
CVE-2013-4730
pcman's ftp server 2.0.7 - Unauthenticated Buffer Overflow via USER Command
CVE-2013-4571
MediaWiki < 1.19.10, 1.2x < 1.21.4, 1.22.x < 1.22.1 - Buffer Overflow in php-luasandbox
CVE-2013-5660
Power Software WinArchiver 3.2 - Remote Code Execution via Crafted ZIP File
CVE-2013-4565
ppthtml < 0.5.1 - Heap-Based Buffer Overflow via Crafted PPT File
CVE-2013-6370
json-c < 0.12-20140410 - Buffer Overflow in printbuf APIs
CVE-2013-4290
OpenJPEG < 1.5.2 - Stack-Based Buffer Overflow in JP3D Compression
CVE-2013-4694
Winamp <5.64 Build 3418 - Buffer Overflow
CVE-2013-6369
JBIG-KIT < 2.1 - Stack-Based Buffer Overflow in jbg_dec_in Function
CVE-2013-5680
HylaFAX+ 5.2.4-5.5.3 - Heap-Based Buffer Overflow via Long USER Command
CVE-2013-3930
Core FTP < 2.2 - Remote Code Execution via CWD Command Reply
CVE-2013-0729
Tracker Software PDF-XChange <2.5.208 - RCE
Details
Vulnerabilities 14,011
Exploit Likelihood High