CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 112 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-15205 | Cri | 0.52 | 9.0 | 0.01 | Sep 25, 2020 | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all… | ||
| CVE-2018-8464 | Hig | 0.52 | 7.5 | 0.43 | Sep 13, 2018 | An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge. | ||
| CVE-2018-15172 | Hig | 0.52 | 7.5 | 0.08 | Aug 15, 2018 | TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header. | ||
| CVE-2018-5925 | Hig | 0.52 | 7.8 | 0.11 | Aug 13, 2018 | A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution. | ||
| CVE-2018-5872 | Hig | 0.52 | 8.0 | 0.00 | Jul 6, 2018 | While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur. | ||
| CVE-2018-10253 | Hig | 0.52 | 7.5 | 0.08 | Apr 21, 2018 | Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls. | ||
| CVE-2018-5378 | Hig | 0.52 | 7.1 | 0.75 | Feb 19, 2018 | The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash. | ||
| CVE-2017-17088 | Hig | 0.52 | 7.5 | 0.07 | Dec 19, 2017 | The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a… | ||
| CVE-2017-11935 | Hig | 0.52 | 7.8 | 0.19 | Dec 12, 2017 | Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability". | ||
| CVE-2017-11940 | Hig | 0.52 | 7.8 | 0.20 | Dec 8, 2017 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and… | ||
| CVE-2017-17099 | Hig | 0.52 | 7.8 | 0.12 | Dec 3, 2017 | There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that… | ||
| CVE-2017-2714 | Hig | 0.52 | 8.0 | 0.01 | Nov 22, 2017 | The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system. | ||
| CVE-2017-16902 | Hig | 0.52 | 7.5 | 0.08 | Nov 20, 2017 | On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot. | ||
| CVE-2017-11825 | Hig | 0.52 | 7.8 | 0.22 | Oct 13, 2017 | Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code… | ||
| CVE-2017-15035 | Hig | 0.52 | 7.5 | 0.06 | Oct 5, 2017 | EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash). | ||
| CVE-2017-8744 | Hig | 0.52 | 7.8 | 0.17 | Sep 13, 2017 | A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they fail to properly handle… | ||
| CVE-2017-8743 | Hig | 0.52 | 7.8 | 0.21 | Sep 13, 2017 | A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from… | ||
| CVE-2017-8742 | Hig | 0.52 | 7.8 | 0.21 | Sep 13, 2017 | A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007,… | ||
| CVE-2017-8725 | Hig | 0.52 | 7.8 | 0.20 | Sep 13, 2017 | A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft Office Publisher Remote Code Execution". | ||
| CVE-2017-8632 | Hig | 0.52 | 7.8 | 0.17 | Sep 13, 2017 | A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and… |
- risk 0.52cvss 9.0epss 0.01
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all…
- risk 0.52cvss 7.5epss 0.43
An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge.
- risk 0.52cvss 7.5epss 0.08
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.
- risk 0.52cvss 7.8epss 0.11
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution.
- risk 0.52cvss 8.0epss 0.00
While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur.
- risk 0.52cvss 7.5epss 0.08
Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.
- risk 0.52cvss 7.1epss 0.75
The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash.
- risk 0.52cvss 7.5epss 0.07
The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a…
- risk 0.52cvss 7.8epss 0.19
Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
- risk 0.52cvss 7.8epss 0.20
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and…
- risk 0.52cvss 7.8epss 0.12
There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that…
- risk 0.52cvss 8.0epss 0.01
The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system.
- risk 0.52cvss 7.5epss 0.08
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot.
- risk 0.52cvss 7.8epss 0.22
Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code…
- risk 0.52cvss 7.5epss 0.06
EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash).
- risk 0.52cvss 7.8epss 0.17
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they fail to properly handle…
- risk 0.52cvss 7.8epss 0.21
A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from…
- risk 0.52cvss 7.8epss 0.21
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007,…
- risk 0.52cvss 7.8epss 0.20
A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft Office Publisher Remote Code Execution".
- risk 0.52cvss 7.8epss 0.17
A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and…