CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (12,280)
page 274 of 614| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-22716 | Med | 0.36 | 5.5 | 0.05 | Feb 9, 2022 | Microsoft Excel Information Disclosure Vulnerability | ||
| CVE-2021-44992 | Med | 0.36 | 5.5 | 0.01 | Jan 25, 2022 | There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0. | ||
| CVE-2021-46333 | Med | 0.36 | 5.5 | 0.01 | Jan 20, 2022 | Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component __asan_memmove. | ||
| CVE-2021-45767 | Med | 0.36 | 5.5 | 0.01 | Jan 14, 2022 | GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). | ||
| CVE-2021-45764 | Med | 0.36 | 5.5 | 0.01 | Jan 14, 2022 | GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). | ||
| CVE-2021-45067 | Med | 0.36 | 5.5 | 0.04 | Jan 14, 2022 | Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this… | ||
| CVE-2021-44712 | Med | 0.36 | 5.5 | 0.02 | Jan 14, 2022 | Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires… | ||
| CVE-2021-39633 | Med | 0.36 | 5.5 | 0.00 | Jan 14, 2022 | In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-45762 | Med | 0.36 | 5.5 | 0.01 | Jan 14, 2022 | GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2021-45760 | Med | 0.36 | 5.5 | 0.01 | Jan 14, 2022 | GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | ||
| CVE-2021-46053 | Med | 0.36 | 5.5 | 0.01 | Jan 10, 2022 | A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL. | ||
| CVE-2021-44920 | Med | 0.36 | 5.5 | 0.01 | Dec 21, 2021 | An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | ||
| CVE-2021-45293 | Med | 0.36 | 5.5 | 0.01 | Dec 21, 2021 | A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet. | ||
| CVE-2021-26336 | Med | 0.36 | 5.5 | 0.00 | Nov 16, 2021 | Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components. | ||
| CVE-2021-36077 | Med | 0.36 | 5.5 | 0.02 | Sep 1, 2021 | Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit… | ||
| CVE-2021-3605 | Med | 0.36 | 5.5 | 0.01 | Aug 25, 2021 | There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability. | ||
| CVE-2021-3598 | Med | 0.36 | 5.5 | 0.00 | Jul 6, 2021 | There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application… | ||
| CVE-2021-20284 | Med | 0.36 | 5.5 | 0.01 | Mar 26, 2021 | A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. | ||
| CVE-2020-35522 | Med | 0.36 | 5.5 | 0.02 | Mar 9, 2021 | In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack. | ||
| CVE-2020-35521 | Med | 0.36 | 5.5 | 0.01 | Mar 9, 2021 | A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service. |
- risk 0.36cvss 5.5epss 0.05
Microsoft Excel Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0.
- risk 0.36cvss 5.5epss 0.01
Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component __asan_memmove.
- risk 0.36cvss 5.5epss 0.01
GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.01
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra().
- risk 0.36cvss 5.5epss 0.04
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this…
- risk 0.36cvss 5.5epss 0.02
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires…
- risk 0.36cvss 5.5epss 0.00
In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.36cvss 5.5epss 0.01
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.01
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS).
- risk 0.36cvss 5.5epss 0.01
A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL.
- risk 0.36cvss 5.5epss 0.01
An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash.
- risk 0.36cvss 5.5epss 0.01
A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.
- risk 0.36cvss 5.5epss 0.00
Insufficient bounds checking in System Management Unit (SMU) may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components.
- risk 0.36cvss 5.5epss 0.02
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit…
- risk 0.36cvss 5.5epss 0.01
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
- risk 0.36cvss 5.5epss 0.00
There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application…
- risk 0.36cvss 5.5epss 0.01
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.
- risk 0.36cvss 5.5epss 0.02
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
- risk 0.36cvss 5.5epss 0.01
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.