CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,962 vulnerabilities with CWE-119
CVE-2025-20053 HIGH
Intel(R) Xeon(R) Processor - Privilege Escalation
CVSS 7.2
CVE-2025-55159 MEDIUM
slab 0.4.10 - Memory Corruption via get_disjoint_mut Bounds Check Bypass
CVE-2025-8851 MEDIUM
libtiff < 4.5.1 - Stack-based Buffer Overflow in tiffcrop readSeparateStripsetoBuffer
CVSS 5.3
CVE-2025-8846 MEDIUM
NASM Netwide Assembler 2.17rc0 - Stack-Based Buffer Overflow in parse_line Function
CVSS 5.3
CVE-2025-8845 MEDIUM
NASM Netwide Assembler 2.17rc0 - Stack-Based Buffer Overflow in assemble_file Function
CVSS 5.3
CVE-2025-8843 MEDIUM
NASM Netwide Assembler 2.17rc0 - Heap-Based Buffer Overflow in macho_no_dead_strip
CVSS 5.3
CVE-2025-8842 MEDIUM
NASM Netwide Assembler 2.17rc0 - Use-After-Free in do_directive Function
CVSS 5.3
CVE-2025-8837 MEDIUM
JasPer < 4.2.5 - Use-After-Free in JPEG2000 File Handler
CVSS 5.3
CVE-2025-8833 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via langSelectionOnly Parameter
CVSS 8.8
CVE-2025-8832 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via DMZIPAddress Parameter
CVSS 8.8
CVE-2025-8831 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via remoteManagement portNumber
CVSS 8.8
CVE-2025-8826 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via apcli_AuthMode Parameter
CVSS 8.8
CVE-2025-8824 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via setRIP Function
CVSS 8.8
CVE-2025-8822 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via opMode Argument
CVSS 8.8
CVE-2025-8820 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via wirelessBasic submit_SSID1 Parameter
CVSS 8.8
CVE-2025-8819 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via setWan staticIp Parameter
CVSS 8.8
CVE-2025-8817 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via setLan lan2enabled Parameter
CVSS 8.8
CVE-2025-8816 HIGH
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 - Stack-based Buffer Overflow via ethConv Argument
CVSS 8.8
CVE-2025-8810 HIGH
Tenda AC20 16.03.08.05 - Stack-Based Buffer Overflow via SetFirewallCfg firewallEn Parameter
CVSS 8.8
CVE-2025-8746 LOW
GNU libopts < 27.6 - Memory Corruption in __strstr_sse2
CVSS 3.3
CVE-2025-8736 MEDIUM
GNU cflow < 1.8 - Buffer Overflow in Lexer yylex Function
CVSS 5.3
CVE-2025-8585 MEDIUM
libav < 12.3 - Double Free in DSS File Demuxer
CVSS 5.3
CVE-2025-4423 HIGH
InsydeH2O < L05.05.40.011803.172079 - Buffer Overflow
CVSS 8.2
CVE-2025-43277 HIGH
macOS Sonoma <14.8 - Memory Corruption
CVSS 7.8
CVE-2025-43214 MEDIUM
Safari < 18.6 - Memory Corruption via Malicious Web Content
CVSS 6.5
Details
Vulnerabilities 13,962
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits