CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 180 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-14590 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. | ||
| CVE-2018-0346 | Hig | 0.49 | 7.5 | 0.02 | Jul 18, 2018 | A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in… | ||
| CVE-2018-13997 | Hig | 0.49 | 7.5 | 0.01 | Jul 12, 2018 | Genann through 2018-07-08 has a SEGV in genann_run in genann.c. | ||
| CVE-2018-13848 | Hig | 0.49 | 7.5 | 0.01 | Jul 10, 2018 | An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp. | ||
| CVE-2018-13847 | Hig | 0.49 | 7.5 | 0.01 | Jul 10, 2018 | An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp. | ||
| CVE-2018-10664 | Hig | 0.49 | 7.5 | 0.02 | Jun 26, 2018 | An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption. | ||
| CVE-2018-10659 | Hig | 0.49 | 7.5 | 0.02 | Jun 26, 2018 | There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction. | ||
| CVE-2018-10658 | Hig | 0.49 | 7.5 | 0.02 | Jun 26, 2018 | There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar. | ||
| CVE-2018-0311 | Hig | 0.49 | 7.5 | 0.03 | Jun 21, 2018 | A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software… | ||
| CVE-2018-0298 | Hig | 0.49 | 7.5 | 0.02 | Jun 21, 2018 | A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could… | ||
| CVE-2018-7167 | Hig | 0.49 | 7.5 | 0.07 | Jun 13, 2018 | Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in… | ||
| CVE-2018-5177 | Hig | 0.49 | 7.5 | 0.04 | Jun 11, 2018 | A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60. | ||
| CVE-2017-5467 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2018 | A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | ||
| CVE-2017-5444 | Hig | 0.49 | 7.5 | 0.07 | Jun 11, 2018 | A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox… | ||
| CVE-2017-5412 | Hig | 0.49 | 7.5 | 0.05 | Jun 11, 2018 | A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52. | ||
| CVE-2017-5406 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2018 | A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52. | ||
| CVE-2016-9897 | Hig | 0.49 | 7.5 | 0.03 | Jun 11, 2018 | Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. | ||
| CVE-2016-9894 | Hig | 0.49 | 7.5 | 0.05 | Jun 11, 2018 | A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.1. | ||
| CVE-2016-5296 | Hig | 0.49 | 7.5 | 0.04 | Jun 11, 2018 | A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | ||
| CVE-2018-11361 | Hig | 0.49 | 7.5 | 0.03 | May 22, 2018 | In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. |
- risk 0.49cvss 7.5epss 0.01
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in…
- risk 0.49cvss 7.5epss 0.01
Genann through 2018-07-08 has a SEGV in genann_run in genann.c.
- risk 0.49cvss 7.5epss 0.01
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.
- risk 0.49cvss 7.5epss 0.01
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
- risk 0.49cvss 7.5epss 0.02
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
- risk 0.49cvss 7.5epss 0.02
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
- risk 0.49cvss 7.5epss 0.03
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could…
- risk 0.49cvss 7.5epss 0.07
Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in…
- risk 0.49cvss 7.5epss 0.04
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
- risk 0.49cvss 7.5epss 0.02
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
- risk 0.49cvss 7.5epss 0.07
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox…
- risk 0.49cvss 7.5epss 0.05
A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52.
- risk 0.49cvss 7.5epss 0.02
A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52.
- risk 0.49cvss 7.5epss 0.03
Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
- risk 0.49cvss 7.5epss 0.05
A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.1.
- risk 0.49cvss 7.5epss 0.04
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
- risk 0.49cvss 7.5epss 0.03
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.