CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,011 vulnerabilities with CWE-119
CVE-2013-0680
Cogent Real-Time Systems - Buffer Overflow
CVE-2013-1174
Cisco Tivoli Business Service Manager - DoS
CVE-2013-2761
Schneider Electric Modicon M340 - Authenticated Denial of Service via Crafted FTP Traffic
CVE-2013-0799
Mozilla Maintenance Service <20.0 - Buffer Overflow
CVE-2013-0791
Firefox < 20.0 - Memory Corruption via Crafted Certificate
CVE-2013-1664
OpenStack Keystone Essex/Folsom/Grizzly, Nova Essex/Folsom, Cinder Folsom DoS via XML Entity Expansion
CVE-2013-2686
Asterisk Open Source <1.8.20.2-11.2.2 - DoS
CVE-2013-2685
Asterisk Open Source <11.2.2 - Buffer Overflow
CVE-2013-0130
Coreftp < 2.2 - Memory Corruption
CVE-2013-1085
Novell GroupWise Messenger <2.2.2 - Buffer Overflow
CVE-2013-0512
IBM Security AppScan Enterprise 5.6/8.x < 8.7 & Rational Policy Tester 5.6/8.x < 8.5.0.4 - Stack-based Buffer Overflow
CVE-2013-1861
MariaDB 5.1.x-5.5.x - Denial of Service via Crafted Geometry Feature
CVE-2013-1492
MySQL 5.1.x < 5.1.68 and 5.5.x < 5.5.30 - Buffer Overflow in yaSSL
CVE-2013-1148
Cisco IOS and IOS XE - Denial of Service via Crafted IP SLA Packets
CVE-2013-1147
Cisco IOS 12.3-12.4 and 15.0-15.3 - Denial of Service via Protocol Translation TCP Connection Handling
CVE-2013-1146
Cisco IOS 12.2 and 15.0-15.3 - Denial of Service via Smart Install Image List Parameters
CVE-2013-1143
Cisco IOS 12.2/15.0-15.2 & IOS XE 3.1.xS-3.4.xS<3.4.5S/3.5.xS-3.7.xS<3.7.2S DoS via RSVP MPLS-TE PATH
CVE-2013-2494
ISC DHCP 4.2.x < 4.2.5-P1 - Denial of Service via Regular Expression in libdns
CVE-2013-2266
ISC BIND 9.7.x-9.8.4-P1, 9.8.5-9.8.5b1, 9.9.x-9.9.2-P1, 9.9.3-9.9.3b1 - Denial of Service via Crafted Regular Expression
CVE-2013-0923
Google Chrome <26.0.1410.43 - Memory Corruption
CVE-2013-0917
Google Chrome < 26.0.1410.43 - Denial of Service via Out-of-Bounds Read in URL Loader
CVE-2013-1860
Linux Kernel < 3.8.4 - Heap-Based Buffer Overflow in wdm_in_callback
CVE-2013-1796
Linux Kernel < 3.8.4 - Memory Corruption via KVM MSR_KVM_SYSTEM_TIME Misalignment
CVE-2013-0675
Siemens WinCC <7.2 - Buffer Overflow
CVE-2013-0674
Siemens SIMATIC PCS7 < 8.0 and WinCC < 7.2 - Remote Code Execution via RegReader ActiveX Control
Details
Vulnerabilities 14,011
Exploit Likelihood High