VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 117 of 549
  • CVE-2016-0055HigFeb 10, 2016
    risk 0.52cvss 7.8epss 0.16

    Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2016-0054HigFeb 10, 2016
    risk 0.52cvss 7.8epss 0.16

    Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel…

  • CVE-2016-0053HigFeb 10, 2016
    risk 0.52cvss 7.8epss 0.20

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint Server 2013 SP1 allow remote…

  • CVE-2016-0052HigFeb 10, 2016
    risk 0.52cvss 7.8epss 0.20

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and…

  • CVE-2016-0038HigFeb 10, 2016
    risk 0.52cvss 7.8epss 0.18

    Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Memory…

  • CVE-2016-0022HigFeb 10, 2016
    risk 0.52cvss 7.8epss 0.20

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and…

  • CVE-2016-0010HigJan 13, 2016
    risk 0.52cvss 7.8epss 0.22

    Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute…

  • CVE-2012-2897HigSep 26, 2012
    risk 0.52cvss 7.8epss 0.22

    The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other…

  • CVE-2026-12193HigJun 15, 2026
    risk 0.51cvss 7.8epss 0.00

    A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out…

  • CVE-2025-47408HigMay 4, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption when another driver calls an IOCTL with invalid input/output buffer.

  • CVE-2025-47405HigMay 4, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

  • CVE-2026-22167HigMay 1, 2026
    risk 0.51cvss 7.8epss 0.00

    Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in…

  • CVE-2026-6776HigApr 21, 2026
    risk 0.51cvss 7.8epss 0.00

    Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2024-44238HigJan 16, 2026
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to corrupt coprocessor memory.

  • CVE-2025-5555HigOct 18, 2025
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub_11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack.…

  • CVE-2025-33044HigOct 14, 2025
    risk 0.51cvss 7.8epss 0.00

    APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local means. Successful exploitation of this vulnerability may lead to memory corruption and impact Integrity and Availability.

  • CVE-2025-43277HigJul 30, 2025
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted audio file may lead to memory corruption.

  • CVE-2025-26597HigFeb 25, 2025
    risk 0.51cvss 7.8epss 0.00

    A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a…

  • CVE-2023-48267HigFeb 12, 2025
    risk 0.51cvss 7.9epss 0.00

    Improper buffer restrictions in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-27857HigJun 10, 2024
    risk 0.51cvss 7.8epss 0.02

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2. A remote attacker may be able to cause unexpected app termination or arbitrary code execution.