CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 154 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2503 | Hig | 0.51 | 7.8 | 0.01 | May 22, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||
| CVE-2017-2499 | Hig | 0.51 | 7.8 | 0.01 | May 22, 2017 | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to execute arbitrary unsigned code or cause a denial… | ||
| CVE-2017-2494 | Hig | 0.51 | 7.8 | 0.01 | May 22, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||
| CVE-2017-6887 | Hig | 0.51 | 7.8 | 0.02 | May 16, 2017 | A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and… | ||
| CVE-2016-10239 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability… | ||
| CVE-2015-8999 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file. | ||
| CVE-2014-9937 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2014-9931 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | ||
| CVE-2017-8245 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2017 | In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs. | ||
| CVE-2017-0592 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote… | ||
| CVE-2017-0591 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the… | ||
| CVE-2017-0590 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the… | ||
| CVE-2017-0589 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the… | ||
| CVE-2017-0588 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code… | ||
| CVE-2017-0587 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the… | ||
| CVE-2017-8854 | Hig | 0.51 | 7.8 | 0.02 | May 9, 2017 | wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file. | ||
| CVE-2017-8844 | Hig | 0.51 | 7.8 | 0.02 | May 8, 2017 | The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive. | ||
| CVE-2017-8419 | Hig | 0.51 | 7.8 | 0.02 | May 2, 2017 | LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a crafted file, as… | ||
| CVE-2017-8373 | Hig | 0.51 | 7.8 | 0.03 | May 1, 2017 | The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. | ||
| CVE-2017-8367 | Hig | 0.51 | 7.8 | 0.01 | Apr 30, 2017 | Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio… |
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to execute arbitrary unsigned code or cause a denial…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
- risk 0.51cvss 7.8epss 0.02
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and…
- risk 0.51cvss 7.8epss 0.01
In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability…
- risk 0.51cvss 7.8epss 0.01
In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.
- risk 0.51cvss 7.8epss 0.01
In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.01
A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.
- risk 0.51cvss 7.8epss 0.00
In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…
- risk 0.51cvss 7.8epss 0.02
wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.
- risk 0.51cvss 7.8epss 0.02
The read_1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
- risk 0.51cvss 7.8epss 0.02
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a crafted file, as…
- risk 0.51cvss 7.8epss 0.03
The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
- risk 0.51cvss 7.8epss 0.01
Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio…