VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 112 of 549
  • CVE-2020-15205CriSep 25, 2020
    risk 0.52cvss 9.0epss 0.01

    In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all…

  • CVE-2018-8464HigSep 13, 2018
    risk 0.52cvss 7.5epss 0.43

    An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge.

  • CVE-2018-15172HigAug 15, 2018
    risk 0.52cvss 7.5epss 0.08

    TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.

  • CVE-2018-5925HigAug 13, 2018
    risk 0.52cvss 7.8epss 0.11

    A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution.

  • CVE-2018-5872HigJul 6, 2018
    risk 0.52cvss 8.0epss 0.00

    While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur.

  • CVE-2018-10253HigApr 21, 2018
    risk 0.52cvss 7.5epss 0.08

    Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.

  • CVE-2018-5378HigFeb 19, 2018
    risk 0.52cvss 7.1epss 0.75

    The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash.

  • CVE-2017-17088HigDec 19, 2017
    risk 0.52cvss 7.5epss 0.07

    The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a…

  • CVE-2017-11935HigDec 12, 2017
    risk 0.52cvss 7.8epss 0.19

    Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".

  • CVE-2017-11940HigDec 8, 2017
    risk 0.52cvss 7.8epss 0.20

    The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and…

  • CVE-2017-17099HigDec 3, 2017
    risk 0.52cvss 7.8epss 0.12

    There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that…

  • CVE-2017-2714HigNov 22, 2017
    risk 0.52cvss 8.0epss 0.01

    The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system.

  • CVE-2017-16902HigNov 20, 2017
    risk 0.52cvss 7.5epss 0.08

    On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot.

  • CVE-2017-11825HigOct 13, 2017
    risk 0.52cvss 7.8epss 0.22

    Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code…

  • CVE-2017-15035HigOct 5, 2017
    risk 0.52cvss 7.5epss 0.06

    EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash).

  • CVE-2017-8744HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.17

    A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they fail to properly handle…

  • CVE-2017-8743HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from…

  • CVE-2017-8742HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.21

    A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007,…

  • CVE-2017-8725HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.20

    A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft Office Publisher Remote Code Execution".

  • CVE-2017-8632HigSep 13, 2017
    risk 0.52cvss 7.8epss 0.17

    A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and…