VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 28 of 549
  • CVE-2014-9980CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory.

  • CVE-2014-9979CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory.

  • CVE-2014-9978CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service.

  • CVE-2014-9977CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM.

  • CVE-2014-9976CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.

  • CVE-2014-9974CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster.

  • CVE-2014-9973CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine.

  • CVE-2014-9968CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.

  • CVE-2015-1817CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.02

    Stack-based buffer overflow in the inet_pton function in network/inet_pton.c in musl libc 0.9.15 through 1.0.4, and 1.1.0 through 1.1.7 allows attackers to have unspecified impact via unknown vectors.

  • CVE-2017-12942CriAug 18, 2017
    risk 0.64cvss 9.8epss 0.02

    libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.

  • CVE-2017-7555CriAug 17, 2017
    risk 0.64cvss 9.8epss 0.05

    Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible…

  • CVE-2017-8248CriAug 16, 2017
    risk 0.64cvss 9.8epss 0.03

    A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.

  • CVE-2017-3124CriAug 11, 2017
    risk 0.64cvss 9.8epss 0.08

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to…

  • CVE-2017-12762CriAug 9, 2017
    risk 0.64cvss 9.8epss 0.05

    In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.

  • CVE-2017-12562CriAug 5, 2017
    risk 0.64cvss 9.8epss 0.04

    Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-12424CriAug 4, 2017
    risk 0.64cvss 9.8epss 0.03

    In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege…

  • CVE-2017-11721CriAug 3, 2017
    risk 0.64cvss 9.8epss 0.03

    Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet.

  • CVE-2017-11643CriJul 26, 2017
    risk 0.64cvss 9.8epss 0.02

    GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.

  • CVE-2017-11636CriJul 26, 2017
    risk 0.64cvss 9.8epss 0.03

    GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.

  • CVE-2017-11543CriJul 23, 2017
    risk 0.64cvss 9.8epss 0.06

    tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.