VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 192 of 549
  • CVE-2016-3993HigMay 13, 2016
    risk 0.49cvss 7.5epss 0.03

    Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.

  • CVE-2016-2808HigApr 30, 2016
    risk 0.49cvss 7.5epss 0.02

    The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write…

  • CVE-2016-3190HigApr 21, 2016
    risk 0.49cvss 7.5epss 0.02

    The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.

  • CVE-2016-2280HigApr 21, 2016
    risk 0.49cvss 7.5epss 0.02

    Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and R321 allows remote attackers to cause a denial of service (service outage) via unspecified vectors.

  • CVE-2015-6360HigApr 21, 2016
    risk 0.49cvss 7.5epss 0.08

    The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

  • CVE-2015-8676HigApr 14, 2016
    risk 0.49cvss 7.5epss 0.01

    Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with…

  • CVE-2015-8554HigApr 14, 2016
    risk 0.49cvss 7.5epss 0.00

    Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and…

  • CVE-2016-3656HigApr 12, 2016
    risk 0.49cvss 7.5epss 0.02

    The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request.

  • CVE-2012-6700HigApr 11, 2016
    risk 0.49cvss 7.5epss 0.02

    The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response.

  • CVE-2012-6699HigApr 11, 2016
    risk 0.49cvss 7.5epss 0.02

    The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response.

  • CVE-2012-6698HigApr 11, 2016
    risk 0.49cvss 7.5epss 0.02

    The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.

  • CVE-2015-6312HigApr 6, 2016
    risk 0.49cvss 7.5epss 0.02

    Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.

  • CVE-2016-2344HigMar 28, 2016
    risk 0.49cvss 7.5epss 0.04

    Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016.0.0.2150 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted command. NOTE: this is only a vulnerability in…

  • CVE-2016-1312HigMar 9, 2016
    risk 0.49cvss 7.5epss 0.03

    The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID…

  • CVE-2015-8149HigFeb 18, 2016
    risk 0.49cvss 7.5epss 0.02

    The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests.

  • CVE-2016-0773HigFeb 17, 2016
    risk 0.49cvss 7.5epss 0.07

    PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.

  • CVE-2015-8773HigJan 29, 2016
    risk 0.49cvss 7.5epss 0.01

    Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows attackers to cause a denial of service (system crash) via a long vault GUID in an ioctl call.

  • CVE-2016-1619HigJan 25, 2016
    risk 0.49cvss 7.6epss 0.01

    Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have…

  • CVE-2016-0860HigJan 15, 2016
    risk 0.49cvss 7.5epss 0.05

    Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request.

  • CVE-2016-0851HigJan 15, 2016
    risk 0.49cvss 7.5epss 0.02

    Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors.