CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-0850
FFmpeg < 1.1 - Out-of-Bounds Array Access in H.264 Slice Header Decoding
CVE-2013-0848
FFmpeg < 1.1 - Out-of-Bounds Array Access via Crafted HuffYUV Data
CVE-2013-0847
FFmpeg < 1.1 - Out-of-Bounds Array Access via ID3v2 Header Data
CVE-2013-0845
FFmpeg < 1.0.4 - Out-of-Bounds Write via Crafted Block Length
CVE-2013-6640
Google Chrome < 31.0.1650.63 - Denial of Service via DehoistArrayIndex Out-of-Bounds Read
CVE-2013-6639
Google Chrome < 31.0.1650.63 - Out-of-Bounds Write via DehoistArrayIndex
CVE-2013-6638
Google Chrome < 31.0.1650.63 - Remote Code Execution via V8 Typed Array Initialization
CVE-2013-6935
VideoCharge Watermark Master 2.2.23 - Remote Code Execution via Long SourcePath in WCF File
CVE-2013-6029
AT&T Connect Participant Application < 9.5.51 - Remote Code Execution via Malformed .SVT File
CVE-2013-6937
VideoCharge Watermark Master 2.2.23 - Remote Code Execution via Long Name Attribute in .wstyle File
CVE-2013-6712
PHP through 5.5.6 - Denial of Service via DateInterval Parsing
CVE-2013-6382
Linux Kernel <= 3.12.1 - Memory Corruption via XFS Ioctl Buffer Underflow
CVE-2013-6381
Linux Kernel < 3.2.54 - Buffer Overflow via SNMP Ioctl Call
CVE-2013-6874
Light Alloy < 4.7.3 - Remote Code Execution via Long URL in .m3u File
CVE-2013-4164
Ruby 1.8 1.9-1.9.3-p484 2.0-2.0.0-p353 2.1-2.1.0 preview2 - Heap-based Buffer Overflow via String to Float Conversion
CVE-2013-0869
FFmpeg < 1.1.2 - Out-of-Bounds Array Access in H.264 SPS and Slice Handling
CVE-2013-0868
FFmpeg < 1.1.2 - Out-of-Bounds Write via Crafted Huffyuv Data
CVE-2013-0866
FFmpeg <1.0.4, <1.1.2 - Info Disclosure
CVE-2013-0865
FFmpeg <1.0.4 and <1.1.2 - Memory Corruption
CVE-2013-0863
FFmpeg <1.0.4, <1.1.2 - Buffer Overflow
CVE-2013-0861
FFmpeg <1.0.4, <1.1.1 - Memory Corruption
CVE-2013-0223
Opensuse - Memory Corruption
CVE-2013-0222
Opensuse - Memory Corruption
CVE-2013-4264
FFmpeg < 2.0.1 - Denial of Service via G2M4 Encoded File
CVE-2013-4263
FFmpeg < 2.0 - Heap-Based Buffer Overflow via Crafted Plane
Details
Vulnerabilities 14,011
Exploit Likelihood High