
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Class · Stable · Likelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 22 of 549
  • CVE-2018-6948 · Cri · Feb 13, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters…

  • CVE-2018-0487 · Cri · Feb 13, 2018
    risk 0.64 · cvss 9.8 · epss 0.03

    ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.

  • CVE-2017-12471 · Cri · Feb 7, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function.

  • CVE-2017-12469 · Cri · Feb 7, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging incorrect memory allocation.

  • CVE-2017-12468 · Cri · Feb 7, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the vallen and len variables.

  • CVE-2017-12466 · Cri · Feb 7, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors related to ssl_halen when running ccn-lite-sim, which trigger an out-of-bounds access.

  • CVE-2017-17663 · Cri · Feb 6, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.

  • CVE-2018-6537 · Cri · Feb 2, 2018
    risk 0.64 · cvss 9.8 · epss 0.04

    A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121.

  • CVE-2018-0510 · Cri · Feb 1, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    Buffer overflow in epg search result viewer (kkcald) 0.7.19 and earlier allows remote attackers to perform unintended operations or execute DoS (denial of service) attacks via unspecified vectors.

  • CVE-2017-18046 · Cri · Jan 21, 2018
    risk 0.64 · cvss 9.8 · epss 0.05

    Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 2.77p1-1124 and 3.03p2-1146 devices allows remote attackers to execute arbitrary code via a long POST request to the login_action function in /cgi-bin/login_action.cgi (aka cgipage.cgi).

  • CVE-2018-5195 · Cri · Jan 17, 2018
    risk 0.64 · cvss 9.8 · epss 0.03

    Hancom NEO versions 9.6.1.5183 and earlier have a buffer overflow vulnerability that allows remote attackers to execute arbitrary commands when hyperlink attributes in a document are processed.

  • CVE-2017-13208 · Cri · Jan 12, 2018
    risk 0.64 · cvss 9.8 · epss 0.09

    In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed…

  • CVE-2017-13177 · Cri · Jan 12, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1,…

  • CVE-2018-0007 · Cri · Jan 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a…

  • CVE-2017-17946 · Cri · Jan 10, 2018
    risk 0.64 · cvss 9.8 · epss 0.03

    A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action.

  • CVE-2018-5208 · Cri · Jan 6, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.

  • CVE-2017-16724 · Cri · Jan 5, 2018
    risk 0.64 · cvss 9.8 · epss 0.03

    A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack.

  • CVE-2017-1000437 · Cri · Jan 2, 2018
    risk 0.64 · cvss 9.8 · epss 0.04

    Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.

  • CVE-2017-17033 · Cri · Dec 21, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • CVE-2017-17032 · Cri · Dec 21, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.