VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 198 of 549
  • CVE-2017-11082HigMar 16, 2018
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file…

  • CVE-2016-5345HigJan 23, 2018
    risk 0.46cvss 7.0epss 0.00

    Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713.

  • CVE-2014-7221MedJan 8, 2018
    risk 0.46cvss 6.5epss 0.11

    TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http://…

  • CVE-2017-9718HigDec 5, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite.

  • CVE-2017-11049HigDec 5, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a video driver, a race condition exists which can potentially lead to a buffer overflow.

  • CVE-2017-13820HigNov 13, 2017
    risk 0.46cvss 7.1epss 0.01

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font.

  • CVE-2015-4422HigOct 19, 2017
    risk 0.46cvss 7.0epss 0.01

    The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users with root permissions to gain privileges or cause a denial of service (memory corruption) via a crafted application.

  • CVE-2017-14088HigOct 6, 2017
    risk 0.46cvss 7.0epss 0.01

    Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved for the kernel on vulnerable installations by exploiting tmwfp.sys. An attacker…

  • CVE-2017-8280HigSep 21, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch.

  • CVE-2017-8675HigSep 13, 2017
    risk 0.46cvss 7.0epss 0.02

    The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability…

  • CVE-2015-7896MedAug 24, 2017
    risk 0.46cvss 6.5epss 0.07

    LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

  • CVE-2015-0576HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.

  • CVE-2017-11552MedAug 1, 2017
    risk 0.46cvss 6.5epss 0.07

    mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

  • CVE-2017-10602HigJul 17, 2017
    risk 0.46cvss 7.0epss 0.00

    A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC,…

  • CVE-2017-1105HigJun 27, 2017
    risk 0.46cvss 7.1epss 0.00

    IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668.

  • CVE-2017-1000376HigJun 19, 2017
    risk 0.46cvss 7.0epss 0.01

    libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be…

  • CVE-2017-7372HigJun 13, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.

  • CVE-2017-9127MedJun 12, 2017
    risk 0.46cvss 6.5epss 0.05

    The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.

  • CVE-2017-9126MedJun 12, 2017
    risk 0.46cvss 6.5epss 0.04

    The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.

  • CVE-2017-7477HigApr 25, 2017
    risk 0.46cvss 7.0epss 0.00

    Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the…