VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 2 of 549
  • CVE-2018-9059CriApr 20, 2018
    risk 0.73cvss 9.8epss 0.77

    Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791.

  • CVE-2017-13696CriJan 24, 2018
    risk 0.73cvss 9.8epss 0.80

    A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server…

  • CVE-2017-1000253HigKEVOct 5, 2017
    risk 0.73cvss 7.8epss 0.11

    Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86…

  • CVE-2017-14493CriOct 3, 2017
    risk 0.73cvss 9.8epss 0.84

    Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

  • CVE-2017-6737HigKEVJul 17, 2017
    risk 0.73cvss 8.8epss 0.43

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …

  • CVE-2016-1287CriFeb 11, 2016
    risk 0.73cvss 9.8epss 0.77

    Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X…

  • CVE-2018-10594CriJun 26, 2018
    risk 0.72cvss 9.8epss 0.69

    Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network…

  • CVE-2018-7573CriMar 1, 2018
    risk 0.72cvss 9.8epss 0.70

    An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and…

  • CVE-2016-7201HigKEVNov 10, 2016
    risk 0.72cvss 8.8epss 0.80

    The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than…

  • CVE-2016-7200HigKEVNov 10, 2016
    risk 0.72cvss 8.8epss 0.82

    The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than…

  • CVE-2015-2546HigKEVSep 9, 2015
    risk 0.72cvss 8.2epss 0.11

    The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k…

  • CVE-2017-17932CriDec 28, 2017
    risk 0.71cvss 9.8epss 0.53

    A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.

  • CVE-2017-6742HigKEVJul 17, 2017
    risk 0.71cvss 8.8epss 0.21

    A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …

  • CVE-2017-6465CriMar 10, 2017
    risk 0.71cvss 9.8epss 0.50

    Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.

  • CVE-2016-6909CriAug 24, 2016
    risk 0.71cvss 9.8epss 0.50

    Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.

  • CVE-2016-2345CriMar 17, 2016
    risk 0.71cvss 9.8epss 0.51

    Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string.

  • CVE-2014-8439HigKEVNov 25, 2014
    risk 0.71cvss 8.8epss 0.20

    Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code…

  • CVE-2018-15839CriAug 28, 2018
    risk 0.70cvss 9.8epss 0.45

    D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.

  • CVE-2018-10088CriJun 8, 2018
    risk 0.70cvss 9.8epss 0.40

    Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.

  • CVE-2017-17968CriDec 29, 2017
    risk 0.70cvss 9.8epss 0.39

    A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.