CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 33 of 549

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2973 | | Cri | 0.64 | 9.8 | 0.09 | | Feb 15, 2017 | Adobe Digital Editions versions 4.5.3 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2016-8364 | | Cri | 0.64 | 9.8 | 0.02 | | Feb 13, 2017 | An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object memory can read a network packet that is larger than the space that is available, a Heap-based Buffer Overflow. |
| CVE-2016-7447 | | Cri | 0.64 | 9.8 | 0.04 | | Feb 6, 2017 | Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. |
| CVE-2016-7446 | | Cri | 0.64 | 9.8 | 0.04 | | Feb 6, 2017 | Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317. |
| CVE-2016-10164 | | Cri | 0.64 | 9.8 | 0.08 | | Feb 1, 2017 | Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated… |
| CVE-2017-5486 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). |
| CVE-2017-5485 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). |
| CVE-2017-5484 | | Cri | 0.64 | 9.8 | 0.06 | | Jan 28, 2017 | The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). |
| CVE-2017-5483 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). |
| CVE-2017-5482 | | Cri | 0.64 | 9.8 | 0.06 | | Jan 28, 2017 | The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. |
| CVE-2017-5342 | | Cri | 0.64 | 9.8 | 0.06 | | Jan 28, 2017 | In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). |
| CVE-2017-5341 | | Cri | 0.64 | 9.8 | 0.05 | | Jan 28, 2017 | The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). |
| CVE-2017-5205 | | Cri | 0.64 | 9.8 | 0.04 | | Jan 28, 2017 | The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). |
| CVE-2017-5204 | | Cri | 0.64 | 9.8 | 0.06 | | Jan 28, 2017 | The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). |
| CVE-2017-5203 | | Cri | 0.64 | 9.8 | 0.04 | | Jan 28, 2017 | The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). |
| CVE-2017-5202 | | Cri | 0.64 | 9.8 | 0.04 | | Jan 28, 2017 | The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). |
| CVE-2016-8575 | | Cri | 0.64 | 9.8 | 0.06 | | Jan 28, 2017 | The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482. |
| CVE-2016-8574 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). |
| CVE-2016-7993 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). |
| CVE-2016-7992 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). |