CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,016 vulnerabilities with CWE-119
CVE-2012-1051
XnView 1.98.5 - Remote Code Execution via JPEG2000 QCD Marker Segment
CVE-2012-0978
LuraWave JP2 Browser Plug-In <2.1.1.11 - Buffer Overflow
CVE-2012-0977
LuraWave JP2 ActiveX Control <2.1.5.11 - Buffer Overflow
CVE-2012-0449
Mozilla Firefox < 3.6.26 and 4.x-9.0 - Remote Code Execution via Malformed XSLT Stylesheet
CVE-2012-0444
Mozilla Firefox < 3.6.26 and 4.x-9.0 - Remote Code Execution via Ogg Vorbis File
CVE-2012-0929
HIGH
Schneider Electric Modicon Quantum PLC - Buffer Overflow
CVSS 7.5
CVE-2012-0029
qemu-kvm 0.12 - Heap-Based Buffer Overflow in e1000 Legacy Mode Packet Processing
CVE-2012-0807
Suhosin < 0.9.33 - Stack-Based Buffer Overflow via Long Set-Cookie Header
CVE-2012-0806
duckcorp bip < 0.8.8 - Authenticated Buffer Overflow via TCP Connection Handling
CVE-2012-0395
EMC NetWorker <7.6.3 - Buffer Overflow
CVE-2012-0916
RenRen Talk 2.9 - Remote Code Execution via Crafted Image in Chat Message
CVE-2012-0897
IrfanView < 4.33 - Remote Code Execution via JPEG2000 QCD Marker Segment
CVE-2012-0266
NTR ActiveX Control < 2.0.4.8 - Remote Code Execution via Long bstrUrl or bstrParams
CVE-2011-5327
CRITICAL
Linux Kernel 2.6.39-3.1 - Memory Corruption in tcm_loop_make_naa_tpg
CVSS 9.8
CVE-2011-5320
MEDIUM
glibc < 2.14.1 - Denial of Service via scanf Large String Input
CVSS 6.2
CVE-2011-3438
HIGH
Safari 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVSS 8.8
CVE-2011-3428
CRITICAL
QuickTime < 7.7.1 - Remote Code Execution
CVSS 9.8
CVE-2011-5295
Gogago YouTube Video Converter 1.1.6 - Buffer Overflow via Download Method in MDIEEx.dll
CVE-2011-5293
ThreeDify Designer 5.0.2 - Arbitrary File Write via cmdSave Method
CVE-2011-5288
ThreeDify Designer 5.0.2 - Remote Code Execution via ActiveX Method Buffer Overflow
CVE-2011-3623
VideoLAN VLC media player <1.0.2 - RCE
CVE-2011-2592
Citrix Access Gateway Plug-in 9.x < 9.3-57.5 and 10.0 < 10.0-69.4 - Remote Code Execution via CSEC HTTP Response Header
CVE-2011-3625
mplayer2 - Stack-based Buffer Overflow in SAMI Subtitle Parser
CVE-2011-5280
BOINC 6.13.x - Denial of Service via Stack-Based Buffer Overflow in Trickle-Up Handling
CVE-2011-3346
QEMU < 0.15.2 - Denial of Service via Crafted SAI READ CAPACITY SCSI Command
Details
Vulnerabilities
14,016
Exploit Likelihood
High