VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 241 of 549
  • CVE-2016-1758LowMar 24, 2016
    risk 0.22cvss 3.3epss 0.01

    The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.

  • CVE-2026-8780MedMay 18, 2026
    risk 0.21cvss 4.3epss 0.00

    A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is…

  • CVE-2026-8779MedMay 18, 2026
    risk 0.21cvss 4.3epss 0.00

    A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit…

  • CVE-2026-8349MedMay 12, 2026
    risk 0.21cvss 4.3epss 0.00

    A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. The attack can be launched remotely. The exploit has been published and may be used. This…

  • CVE-2026-7233LowApr 28, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The…

  • CVE-2026-5318MedApr 2, 2026
    risk 0.21cvss 4.3epss 0.01

    A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits[] causes out-of-bounds write. It is possible to initiate…

  • CVE-2026-4012LowMar 12, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in rxi fe up to ed4cda96bd582cbb08520964ba627efb40f3dd91. The impacted element is the function read_ of the file src/fe.c. This manipulation with the input 1 causes out-of-bounds read. The attack requires local access. The exploit has been publicly…

  • CVE-2026-4010LowMar 12, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in ThakeeNathees pocketlang up to cc73ca61b113d48ee130d837a7a8b145e41de5ce. The affected element is the function pkByteBufferAddString. The manipulation of the argument length with the input 4294967290 results in memory corruption. The attack requires a…

  • CVE-2026-4009LowMar 12, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwav_read_pcm_frames_s16__msadpcm in the library src/audiosource/wav/dr_wav.h of the component WAV File Parser. The manipulation leads to out-of-bounds read. The attack needs to be…

  • CVE-2026-3950LowMar 11, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is…

  • CVE-2026-3949LowMar 11, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component HEIF File Parser. Executing a manipulation of the argument size can lead to out-of-bounds read. The attack…

  • CVE-2026-3664LowMar 7, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound_document::read_directory of the file source/detail/cryptography/compound_document.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead…

  • CVE-2026-3663LowMar 7, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. Performing a manipulation results in…

  • CVE-2026-3606LowMar 5, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required…

  • CVE-2026-3463LowMar 3, 2026
    risk 0.21cvss 3.3epss 0.00

    A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary_writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can…

  • CVE-2026-3407LowMar 2, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local…

  • CVE-2026-3394LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud_wav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated…

  • CVE-2026-3393LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A security vulnerability has been detected in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloud_wav.cpp of the component Audio File Handler. Such manipulation leads to heap-based buffer overflow.…

  • CVE-2026-3391LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit has been released to the public…

  • CVE-2026-3390LowMar 1, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local…