VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 244 of 549
  • CVE-2025-2924LowMar 28, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack…

  • CVE-2025-2915LowMar 28, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_size leads to heap-based buffer overflow. Attacking locally is a requirement.…

  • CVE-2025-2914LowMar 28, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this…

  • CVE-2024-23257LowMar 8, 2024
    risk 0.21cvss 3.3epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, visionOS 1.1. Processing an image may result in disclosure of process memory.

  • CVE-2017-17321LowMar 9, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker could exploit this vulnerability to cause the software process abnormal.

  • CVE-2017-17293LowFeb 15, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,…

  • CVE-2026-8556LowMay 14, 2026
    risk 0.20cvss 3.1epss 0.00

    Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8545LowMay 14, 2026
    risk 0.20cvss 3.1epss 0.00

    Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-9019LowAug 15, 2025
    risk 0.20cvss 3.1epss 0.01

    A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function mask_cidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather…

  • CVE-2017-17282LowMar 9, 2018
    risk 0.20cvss 3.1epss 0.00

    SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer…

  • CVE-2016-0385LowSep 1, 2016
    risk 0.20cvss 3.1epss 0.01

    Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is enabled, allows remote authenticated users to obtain sensitive information via…

  • CVE-2022-23523MedDec 13, 2022
    risk 0.19cvss 4.0epss 0.00

    In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the `linux-loader` crate entering…

  • CVE-2020-15213MedSep 25, 2020
    risk 0.19cvss 4.0epss 0.01

    In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality…

  • CVE-2016-2870LowJul 2, 2016
    risk 0.18cvss 2.7epss 0.02

    Buffer overflow in the CLI on IBM WebSphere DataPower XC10 appliances 2.1 and 2.5 allows remote authenticated users to cause a denial of service via unspecified vectors.

  • CVE-2024-26149LowFeb 26, 2024
    risk 0.17cvss 3.7epss 0.01

    Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. If an excessively large value is specified as the starting index for an array in `_abi_decode`, it can cause the read position to overflow. This results in the decoding of values outside the intended…

  • CVE-2026-2656LowFeb 18, 2026
    risk 0.16cvss 2.5epss 0.00

    A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type_Info::bare_equal of the file include/chaiscript/dispatchkit/type_info.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as…

  • CVE-2026-2655LowFeb 18, 2026
    risk 0.16cvss 2.5epss 0.00

    A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::str_less::operator of the file include/chaiscript/chaiscript_defines.hpp. The manipulation results in use after free. The attack requires a local approach. The attack…

  • CVE-2016-9581LowAug 1, 2018
    risk 0.15cvss 3.3epss 0.02

    An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.

  • CVE-2026-10528LowJun 2, 2026
    risk 0.14cvss 3.3epss 0.00

    A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer…

  • CVE-2026-10267LowJun 1, 2026
    risk 0.14cvss 3.3epss 0.00

    A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may…