VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 197 of 549
  • CVE-2025-31219HigMay 12, 2025
    risk 0.46cvss 7.1epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker may be able to cause unexpected system…

  • CVE-2024-36129HigJun 5, 2024
    risk 0.46cvss 8.2epss 0.01

    The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version…

  • CVE-2024-27791HigApr 24, 2024
    risk 0.46cvss 7.1epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3. An app may be able to corrupt coprocessor memory.

  • CVE-2020-36441HigAug 8, 2021
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox with no requirement for T: Send and T: Sync.

  • CVE-2020-36440HigAug 8, 2021
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in the libsbc crate before 0.1.5 for Rust. For Decoder, it implements Send for any R: Read.

  • CVE-2020-36439HigAug 8, 2021
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in the ticketed_lock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket and WriteTicket.

  • CVE-2020-36438HigAug 8, 2021
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in the tiny_future crate before 0.4.0 for Rust. Future does not have bounds on its Send and Sync traits.

  • CVE-2020-36437HigAug 8, 2021
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender.

  • CVE-2020-36436HigAug 8, 2021
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab and Unordered<T, S> do not have bounds on their Send and Sync traits.

  • CVE-2020-36435HigAug 8, 2021
    risk 0.46cvss 8.1epss 0.01

    An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks.

  • CVE-2020-1073HigJun 9, 2020
    risk 0.46cvss 8.1epss 0.09

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.

  • CVE-2018-10055HigApr 24, 2019
    risk 0.46cvss 8.1epss 0.00

    Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.

  • CVE-2018-5905HigSep 19, 2018
    risk 0.46cvss 7.0epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access.

  • CVE-2018-16664HigSep 7, 2018
    risk 0.46cvss 7.0epss 0.00

    An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow in lvm_set_type in os/storage/antelope/lvm.c while parsing AQL (lvm_set_op, lvm_set_relation, lvm_set_operand).

  • CVE-2017-7467HigJul 11, 2018
    risk 0.46cvss 7.0epss 0.03

    A buffer overflow flaw was found in the way minicom before version 2.7.1 handled VT100 escape sequences. A malicious terminal device could potentially use this flaw to crash minicom, or execute arbitrary code in the context of the minicom process.

  • CVE-2018-5718HigJun 12, 2018
    risk 0.46cvss 7.1epss 0.00

    Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service (BSOD) or…

  • CVE-2018-8061HigMay 10, 2018
    risk 0.46cvss 7.1epss 0.00

    HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.

  • CVE-2017-14450HigApr 24, 2018
    risk 0.46cvss 7.1epss 0.02

    A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.

  • CVE-2017-13850HigApr 3, 2018
    risk 0.46cvss 7.1epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Font Importer" component. It allows remote attackers to cause a denial of service (memory corruption) or obtain sensitive information from process memory via a crafted…

  • CVE-2017-15834HigMar 16, 2018
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, race condition in diag_dbgfs_read_dcistats(), while accessing diag_dbgfs_dci_data_index, causes potential heap overflow.