VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 196 of 549
  • CVE-2025-46333HigApr 25, 2025
    risk 0.47cvss epss 0.00

    z2d is a pure Zig 2D graphics library. Versions of z2d after `0.5.1` and up to and including `0.6.0`, when writing from one surface to another using `z2d.compositor.StrideCompositor.run`, and higher-level operations when the anti-aliasing mode is set to `.default` (such as…

  • CVE-2023-6362HigOct 7, 2024
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.

  • CVE-2023-6361HigOct 7, 2024
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.

  • CVE-2018-5822HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, compromised WLAN FW can potentially cause a buffer overwrite.

  • CVE-2017-14894HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vdev id is received from firmware as part of WMI_VDEV_START_RESP_EVENTID. This…

  • CVE-2017-14890HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, the vdev_map value is not properly validated leading to a potential buffer…

  • CVE-2018-5796HigFeb 5, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Hidden Root Shell by entering the administrator password in conjunction with the 'service start-shell' CLI command.

  • CVE-2017-5712HigNov 21, 2017
    risk 0.47cvss 7.2epss 0.04

    Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

  • CVE-2017-2276HigJul 22, 2017
    risk 0.47cvss 7.2epss 0.02

    Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.

  • CVE-2017-10725HigJul 5, 2017
    risk 0.47cvss 7.3epss 0.00

    Winamp 5.666 Build 3516(x86) allows attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address controls Code Flow starting at in_flv!winampGetInModule2+0x00000000000009a8."

  • CVE-2016-7820HigJun 9, 2017
    risk 0.47cvss 7.2epss 0.03

    Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors.

  • CVE-2017-7965HigJun 7, 2017
    risk 0.47cvss 7.3epss 0.00

    A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller.

  • CVE-2016-8998HigFeb 24, 2017
    risk 0.47cvss 7.2epss 0.02

    IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference #: 1998747.

  • CVE-2016-6115HigFeb 1, 2017
    risk 0.47cvss 7.2epss 0.04

    IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.

  • CVE-2016-2497HigAug 5, 2016
    risk 0.47cvss 7.3epss 0.01

    services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal…

  • CVE-2016-1583HigJun 27, 2016
    risk 0.47cvss 7.8epss 0.01

    The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive…

  • CVE-2016-2342HigMar 17, 2016
    risk 0.47cvss 8.1epss 0.12

    The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute…

  • CVE-2016-1718HigFeb 1, 2016
    risk 0.47cvss 7.3epss 0.00

    The IOAcceleratorFamily2 interface in IOAcceleratorFamily in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2026-28941HigMay 11, 2026
    risk 0.46cvss 7.1epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.

  • CVE-2026-27890HigApr 17, 2026
    risk 0.46cvss 8.2epss 0.00

    Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the server assumes segments arrive in strictly ascending order. If segments arrive out of order, the…