CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (12,280)
page 276 of 614| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-10618 | Med | 0.36 | 5.5 | 0.00 | Dec 12, 2019 | Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390 | ||
| CVE-2019-2295 | Med | 0.36 | 5.5 | 0.00 | Nov 21, 2019 | Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired… | ||
| CVE-2019-10535 | Med | 0.36 | 5.5 | 0.00 | Nov 21, 2019 | Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… | ||
| CVE-2019-2275 | Med | 0.36 | 5.5 | 0.00 | Nov 6, 2019 | While deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked(Depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics… | ||
| CVE-2019-3634 | Med | 0.36 | 5.5 | 0.00 | Aug 21, 2019 | Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory. | ||
| CVE-2019-3633 | Med | 0.36 | 5.5 | 0.00 | Aug 21, 2019 | Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading… | ||
| CVE-2019-2243 | Med | 0.36 | 5.5 | 0.00 | Jul 22, 2019 | Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,… | ||
| CVE-2019-1010069 | Med | 0.36 | 5.5 | 0.01 | Jul 18, 2019 | moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845ea… | ||
| CVE-2019-1010302 | Med | 0.36 | 5.5 | 0.01 | Jul 15, 2019 | jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file. | ||
| CVE-2019-1630 | Med | 0.36 | 5.5 | 0.00 | Jun 20, 2019 | A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking… | ||
| CVE-2019-0113 | Med | 0.36 | 5.5 | 0.00 | May 17, 2019 | Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. | ||
| CVE-2018-4413 | Med | 0.36 | 5.5 | 0.01 | Apr 3, 2019 | A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. | ||
| CVE-2018-15817 | Med | 0.36 | 5.5 | 0.01 | Mar 26, 2019 | FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d63 via a crafted image file. | ||
| CVE-2018-15816 | Med | 0.36 | 5.5 | 0.01 | Mar 26, 2019 | FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d7d via a crafted image file. | ||
| CVE-2018-15814 | Med | 0.36 | 5.5 | 0.01 | Mar 26, 2019 | FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000001cb509 via a crafted image file. | ||
| CVE-2018-15813 | Med | 0.36 | 5.5 | 0.01 | Mar 26, 2019 | FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000000e1237 via a crafted image file. | ||
| CVE-2017-16231 | Med | 0.36 | 5.5 | 0.01 | Mar 21, 2019 | In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount… | ||
| CVE-2018-13912 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2019 | Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,… | ||
| CVE-2018-12159 | Med | 0.36 | 5.5 | 0.00 | Feb 18, 2019 | Buffer overflow in the command-line interface for Intel(R) PROSet Wireless v20.50 and before may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2018-19523 | Med | 0.36 | 5.5 | 0.00 | Jan 3, 2019 | DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size. If the size of the buffer is less than 512 bytes, then the driver will overwrite the next pool header if there is one next to the user… |
- risk 0.36cvss 5.5epss 0.00
Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390
- risk 0.36cvss 5.5epss 0.00
Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired…
- risk 0.36cvss 5.5epss 0.00
Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
- risk 0.36cvss 5.5epss 0.00
While deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked(Depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…
- risk 0.36cvss 5.5epss 0.00
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory.
- risk 0.36cvss 5.5epss 0.00
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading…
- risk 0.36cvss 5.5epss 0.00
Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,…
- risk 0.36cvss 5.5epss 0.01
moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845ea…
- risk 0.36cvss 5.5epss 0.01
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.
- risk 0.36cvss 5.5epss 0.00
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking…
- risk 0.36cvss 5.5epss 0.00
Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access.
- risk 0.36cvss 5.5epss 0.01
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
- risk 0.36cvss 5.5epss 0.01
FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d63 via a crafted image file.
- risk 0.36cvss 5.5epss 0.01
FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d7d via a crafted image file.
- risk 0.36cvss 5.5epss 0.01
FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000001cb509 via a crafted image file.
- risk 0.36cvss 5.5epss 0.01
FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000000e1237 via a crafted image file.
- risk 0.36cvss 5.5epss 0.01
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount…
- risk 0.36cvss 5.5epss 0.00
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,…
- risk 0.36cvss 5.5epss 0.00
Buffer overflow in the command-line interface for Intel(R) PROSet Wireless v20.50 and before may allow an authenticated user to potentially enable denial of service via local access.
- risk 0.36cvss 5.5epss 0.00
DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size. If the size of the buffer is less than 512 bytes, then the driver will overwrite the next pool header if there is one next to the user…