CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 152 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9754 | Hig | 0.51 | 7.8 | 0.03 | Jun 19, 2017 | The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or… | ||
| CVE-2017-9753 | Hig | 0.51 | 7.8 | 0.03 | Jun 19, 2017 | The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and… | ||
| CVE-2017-9752 | Hig | 0.51 | 7.8 | 0.03 | Jun 19, 2017 | bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as… | ||
| CVE-2017-9751 | Hig | 0.51 | 7.8 | 0.03 | Jun 19, 2017 | opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of… | ||
| CVE-2017-9745 | Hig | 0.51 | 7.8 | 0.03 | Jun 19, 2017 | The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other… | ||
| CVE-2017-9744 | Hig | 0.51 | 7.8 | 0.03 | Jun 19, 2017 | The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified… | ||
| CVE-2017-9743 | Hig | 0.51 | 7.8 | 0.03 | Jun 19, 2017 | The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of… | ||
| CVE-2016-10395 | Hig | 0.51 | 7.8 | 0.00 | Jun 15, 2017 | In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and… | ||
| CVE-2017-0637 | Hig | 0.51 | 7.8 | 0.01 | Jun 14, 2017 | A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the… | ||
| CVE-2017-8241 | Hig | 0.51 | 7.8 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length. | ||
| CVE-2017-8238 | Hig | 0.51 | 7.8 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function. | ||
| CVE-2017-8237 | Hig | 0.51 | 7.8 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image. | ||
| CVE-2017-8236 | Hig | 0.51 | 7.8 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver. | ||
| CVE-2016-10342 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler. | ||
| CVE-2016-10340 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler. | ||
| CVE-2015-9028 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine. | ||
| CVE-2015-9025 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. | ||
| CVE-2015-9023 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. | ||
| CVE-2014-9963 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM. | ||
| CVE-2014-9960 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. |
- risk 0.51cvss 7.8epss 0.03
The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or…
- risk 0.51cvss 7.8epss 0.03
The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and…
- risk 0.51cvss 7.8epss 0.03
bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as…
- risk 0.51cvss 7.8epss 0.03
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…
- risk 0.51cvss 7.8epss 0.03
The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other…
- risk 0.51cvss 7.8epss 0.03
The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified…
- risk 0.51cvss 7.8epss 0.03
The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…
- risk 0.51cvss 7.8epss 0.00
In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…
- risk 0.51cvss 7.8epss 0.00
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.
- risk 0.51cvss 7.8epss 0.00
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.
- risk 0.51cvss 7.8epss 0.00
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image.
- risk 0.51cvss 7.8epss 0.00
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.