CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,011 vulnerabilities with CWE-119
CVE-2012-4750
CRITICAL
Ezhometech EzServer 7.0 - Remote Code Execution via AMF Request memcpy Overflow
CVSS 9.8
CVE-2012-6712
CRITICAL
Linux Kernel 2.6.27-3.3 - Buffer Overflow in iwl-agn-sta.c
CVSS 9.8
CVE-2012-6711
HIGH
GNU Bash < 4.3 - Heap-Based Buffer Overflow via echo -e Built-in Function
CVSS 7.0
CVE-2012-0771
HIGH
Adobe Shockwave Player <11.6.4.634 - Memory Corruption
CVSS 8.8
CVE-2012-5361
HIGH
FFmpeg < 0.10.15 - Remote Code Execution via Crafted WMV File
CVSS 7.8
CVE-2012-6704
HIGH
Linux Kernel < 3.2.85 - Memory Corruption via Negative sk_sndbuf/sk_rcvbuf Values
CVSS 7.8
CVE-2012-6700
HIGH
Debian Linux - Memory Corruption
CVSS 7.5
CVE-2012-6699
HIGH
Debian Linux - Memory Corruption
CVSS 7.5
CVE-2012-6698
HIGH
Debian Linux - Memory Corruption
CVSS 7.5
CVE-2012-5451
TVMOBiLi <2.1.0.3974 - Buffer Overflow
CVE-2012-4988
XnView 1.99 and 1.99.1 - Remote Code Execution via Crafted JLS Image File
CVE-2012-5106
FreeFloat FTP Server 1.0 - Buffer Overflow
CVE-2012-0273
MinaliC 2.0.0 - Remote Code Execution via Stack-Based Buffer Overflow
CVE-2012-2052
Adobe Photoshop CS5 12.x-12.0.4 and CS5.1 12.1.x-12.1.0 - Remote Code Execution via U3D Library Collada Asset Element
CVE-2012-5044
Cisco IOS < 15.3(1)T - Denial of Service via VoIP Traffic
CVE-2012-1317
Cisco IOS - Denial of Service via High-Rate Multicast Packet Flood
CVE-2012-6429
Samsung Kies < 2.5.0.12114_1 - Remote Code Execution via SyncService.dll PrepareSync Password Argument
CVE-2012-4886
Kingsoft WPS Office <8.1.0.3238 - Buffer Overflow
CVE-2012-0270
Csound < 5.16.6 - Remote Code Execution via Crafted HETRO or PVOC File
CVE-2012-2108
Csound < 5.17.2 - Stack-based Buffer Overflow via Crafted File Conversion
CVE-2012-6618
FFmpeg < 1.0.2 - Denial of Service via Crafted MP3 File
CVE-2012-6616
FFmpeg < 1.0.2 - Denial of Service via Crafted 3GPP TS 26.245 Data
CVE-2012-6303
Snack Sound Toolkit - Heap-based Buffer Overflow in GetWavHeader
CVE-2012-4709
Invensys Wonderware InTouch HMI <2012 R2 - Info Disclosure
CVE-2012-4424
glibc < 2.17 - Stack-based Buffer Overflow via Long String in strcoll_l
Details
Vulnerabilities
14,011
Exploit Likelihood
High