VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 155 of 549
  • CVE-2017-8364HigApr 30, 2017
    risk 0.51cvss 7.8epss 0.02

    The read_buf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.

  • CVE-2017-7720HigApr 26, 2017
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow in PrivateTunnel 2.7 and 2.8 allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long password.

  • CVE-2016-6915HigApr 24, 2017
    risk 0.51cvss 7.8epss 0.00

    Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.

  • CVE-2016-6917HigApr 24, 2017
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.

  • CVE-2017-8070HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more…

  • CVE-2017-8069HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of…

  • CVE-2017-8068HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of…

  • CVE-2017-8066HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by…

  • CVE-2017-8065HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of…

  • CVE-2017-8064HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other…

  • CVE-2017-8063HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact by leveraging use of more…

  • CVE-2017-8062HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by…

  • CVE-2017-8061HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other…

  • CVE-2016-4650HigApr 20, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2016-4293HigApr 20, 2017
    risk 0.51cvss 7.8epss 0.04

    Multiple heap-based buffer overflows in the (1) CBookBase::SetDefTableStyle and (2) CBookBase::SetDefPivotStyle functions in Hancom Office 2014 VP allow remote attackers to execute arbitrary code via a crafted Hangul Hcell Document (.cell) file.

  • CVE-2017-7961HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.02

    The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified…

  • CVE-2010-1816HigApr 13, 2017
    risk 0.51cvss 7.8epss 0.02

    Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.

  • CVE-2016-9958HigApr 12, 2017
    risk 0.51cvss 7.8epss 0.02

    game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

  • CVE-2016-9957HigApr 12, 2017
    risk 0.51cvss 7.8epss 0.02

    Stack-based buffer overflow in game-music-emu before 0.6.1.

  • CVE-2017-3065HigApr 12, 2017
    risk 0.51cvss 7.8epss 0.03

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution.