CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (12,280)
page 289 of 614| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-0775 | Med | 0.35 | 6.5 | 0.03 | Apr 13, 2016 | Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file. | ||
| CVE-2016-0740 | Med | 0.35 | 6.5 | 0.02 | Apr 13, 2016 | Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file. | ||
| CVE-2015-5295 | Med | 0.35 | 5.4 | 0.03 | Jan 20, 2016 | The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a… | ||
| CVE-2013-0270 | Med | 0.35 | 6.5 | 0.03 | Apr 12, 2013 | A flaw was found in OpenStack Keystone. A remote attacker could exploit this vulnerability by sending a large HTTP request, specifically by providing a long tenant name when requesting a token. This could lead to a denial of service, consuming excessive CPU and memory resources… | ||
| CVE-2009-1605 | Med | 0.35 | 5.4 | 0.03 | May 11, 2009 | Heap-based buffer overflow in the loadexponentialfunc function in mupdf/pdf_function.c in MuPDF in the mupdf-20090223-win32 package, as used in SumatraPDF 0.9.3 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: some of these details… | ||
| CVE-2026-12329 | Med | 0.34 | 5.3 | 0.00 | Jun 16, 2026 | Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12. | ||
| CVE-2026-12308 | Med | 0.34 | 5.3 | 0.00 | Jun 16, 2026 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | ||
| CVE-2026-12307 | Med | 0.34 | 5.3 | 0.00 | Jun 16, 2026 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | ||
| CVE-2026-12306 | Med | 0.34 | 5.3 | 0.00 | Jun 16, 2026 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | ||
| CVE-2026-12301 | Med | 0.34 | 5.3 | 0.00 | Jun 16, 2026 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | ||
| CVE-2026-12300 | Med | 0.34 | 5.3 | 0.00 | Jun 16, 2026 | Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | ||
| CVE-2026-12216 | Med | 0.34 | 5.3 | 0.00 | Jun 15, 2026 | A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file duk_api_bytecode.c. Executing a manipulation of the argument count_instr can lead to memory corruption. The attack requires local access. The exploit has been… | ||
| CVE-2026-4391 | Med | 0.34 | 5.3 | 0.00 | May 27, 2026 | A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able… | ||
| CVE-2026-9541 | Med | 0.34 | 5.3 | 0.00 | May 26, 2026 | A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access.… | ||
| CVE-2026-9500 | Med | 0.34 | 5.3 | 0.00 | May 25, 2026 | A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with… | ||
| CVE-2026-9301 | Med | 0.34 | 6.3 | 0.00 | May 23, 2026 | A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made… | ||
| CVE-2026-9300 | Med | 0.34 | 6.3 | 0.00 | May 23, 2026 | A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.… | ||
| CVE-2026-9299 | Med | 0.34 | 6.3 | 0.00 | May 23, 2026 | A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. This manipulation causes memory corruption. Remote exploitation of the attack is possible. The exploit has… | ||
| CVE-2026-9298 | Med | 0.34 | 6.3 | 0.00 | May 23, 2026 | A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and… | ||
| CVE-2026-8391 | Med | 0.34 | 5.3 | 0.00 | May 12, 2026 | Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11. |
- risk 0.35cvss 6.5epss 0.03
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.
- risk 0.35cvss 6.5epss 0.02
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.
- risk 0.35cvss 5.4epss 0.03
The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a…
- risk 0.35cvss 6.5epss 0.03
A flaw was found in OpenStack Keystone. A remote attacker could exploit this vulnerability by sending a large HTTP request, specifically by providing a long tenant name when requesting a token. This could lead to a denial of service, consuming excessive CPU and memory resources…
- risk 0.35cvss 5.4epss 0.03
Heap-based buffer overflow in the loadexponentialfunc function in mupdf/pdf_function.c in MuPDF in the mupdf-20090223-win32 package, as used in SumatraPDF 0.9.3 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: some of these details…
- risk 0.34cvss 5.3epss 0.00
Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12.
- risk 0.34cvss 5.3epss 0.00
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
- risk 0.34cvss 5.3epss 0.00
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
- risk 0.34cvss 5.3epss 0.00
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
- risk 0.34cvss 5.3epss 0.00
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
- risk 0.34cvss 5.3epss 0.00
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
- risk 0.34cvss 5.3epss 0.00
A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file duk_api_bytecode.c. Executing a manipulation of the argument count_instr can lead to memory corruption. The attack requires local access. The exploit has been…
- risk 0.34cvss 5.3epss 0.00
A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able…
- risk 0.34cvss 5.3epss 0.00
A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access.…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with…
- risk 0.34cvss 6.3epss 0.00
A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made…
- risk 0.34cvss 6.3epss 0.00
A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.…
- risk 0.34cvss 6.3epss 0.00
A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. This manipulation causes memory corruption. Remote exploitation of the attack is possible. The exploit has…
- risk 0.34cvss 6.3epss 0.00
A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and…
- risk 0.34cvss 5.3epss 0.00
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.