VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 211 of 549
  • CVE-2017-2316MedApr 24, 2017
    risk 0.42cvss 6.5epss 0.00

    A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service.

  • CVE-2015-1522HigApr 24, 2017
    risk 0.42cvss 7.5epss 0.02

    analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not reject certain non-zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer over-read) via a crafted DNP3 packet.

  • CVE-2015-1521HigApr 24, 2017
    risk 0.42cvss 7.5epss 0.02

    analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not properly handle zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer over-read if NDEBUG; otherwise assertion failure) via a crafted DNP3 packet.

  • CVE-2016-8802MedApr 2, 2017
    risk 0.42cvss 6.5epss 0.01

    The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100,…

  • CVE-2017-6209MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors…

  • CVE-2015-4409MedMar 13, 2017
    risk 0.42cvss 6.5epss 0.01

    Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the SDK issue.

  • CVE-2015-4408MedMar 13, 2017
    risk 0.42cvss 6.5epss 0.01

    Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the ISAPI issue.

  • CVE-2015-4407MedMar 13, 2017
    risk 0.42cvss 6.5epss 0.01

    Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the PSIA issue.

  • CVE-2016-8971MedMar 7, 2017
    risk 0.42cvss 6.5epss 0.01

    IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663.

  • CVE-2016-10067HigMar 2, 2017
    risk 0.42cvss 7.5epss 0.03

    magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

  • CVE-2016-10207HigFeb 28, 2017
    risk 0.42cvss 7.5epss 0.03

    The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.

  • CVE-2016-5321MedJan 20, 2017
    risk 0.42cvss 6.5epss 0.03

    The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.

  • CVE-2016-5317MedJan 20, 2017
    risk 0.42cvss 6.5epss 0.02

    Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.

  • CVE-2016-9846MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS…

  • CVE-2016-9632MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.

  • CVE-2016-9630MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.

  • CVE-2016-9627MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.03

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.

  • CVE-2016-9626MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.

  • CVE-2016-9625MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.

  • CVE-2016-9442MedDec 12, 2016
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.