CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-1226
Cisco NX-OS - Denial of Service via Crafted Ethernet Frame
CVE-2013-1428
tinc < 1.0.21 and 1.1 < 1.1pre7 - Authenticated Stack-Based Buffer Overflow via Large TCP Packet
CVE-2013-0338
libxml2 < 2.9.0 - Denial of Service via Internal Entity Expansion
CVE-2013-1183
Cisco Unified Computing System < 1.1(1j) and 1.2 < 1.2(1b) - Remote Code Execution via IPMI UDP Packet
CVE-2013-1180
Cisco NX-OS 4.x-5.x < 5.2(5) and 6.x < 6.1(1) - Authenticated Remote Code Execution via SNMP Request
CVE-2013-1179
Cisco NX-OS <5.2.5 - Buffer Overflow
CVE-2013-1178
Cisco NX-OS - Remote Code Execution via Malformed CDP Packets
CVE-2013-0728
ERDAS APOLLO ECWP <13.00.0001 - Buffer Overflow
CVE-2013-1217
Cisco IOS - Denial of Service via SNMP Request Buffer Overflow
CVE-2013-0541
IBM WebSphere Application Server <6.1.0.47-8.5.0.2 - Buffer Overflow
CVE-2013-3075
Mitsubishi MX Component 3 - Buffer Overflow
CVE-2013-2832
Google Chrome OS <26.0.1410.57 - Info Disclosure
CVE-2013-2760
Groovy Media Player 3.2.0 - Remote Code Execution via Long String in .m3u File
CVE-2013-0270 MEDIUM
OpenStack Keystone < 2012.1.3 and < 8.0.0a0 - Denial of Service via Long Tenant Name
CVSS 6.5
CVE-2013-1173
Cisco AnyConnect < - Buffer Overflow
CVE-2013-1912
HAProxy 1.4-1.4.22 and 1.5-dev-1.5-dev17 - Buffer Overflow via Pipelined HTTP Requests
CVE-2013-1383
Adobe Shockwave Player < 12.0.2.122 - Remote Code Execution
CVE-2013-1379
Adobe Flash Player < 10.3.183.75 and 11.x < 11.7.700.169 - Remote Code Execution
CVE-2013-1378
Adobe Flash Player < 10.3.183.75 and 11.x < 11.7.700.169 - Remote Code Execution
CVE-2013-1295
Microsoft Windows - Privilege Escalation
CVE-2013-1790
poppler < 0.22.1 - Memory Corruption via CCITTFaxStream::lookChar
CVE-2013-1788
poppler < 0.22.0 - Memory Corruption in Splash, Function, and Stream Components
CVE-2013-0131
NVIDIA GPU Driver < 304.88, 310.x < 310.44, 313.x < 313.30 - Buffer Overflow via Large ARGB Cursor
CVE-2013-0109
NVIDIA Display Driver <307.78 & R310<311.00 - Privilege Escalation/DoS via Exception Handling
CVE-2013-0682
Cogent DataHub <7.3.0-6.4.22 - DoS/Arbitrary Code Execution
Details
Vulnerabilities 14,011
Exploit Likelihood High