CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 34 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7986 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. | ||
| CVE-2016-7985 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). | ||
| CVE-2016-7984 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). | ||
| CVE-2016-7983 | Cri | 0.64 | 9.8 | 0.04 | Jan 28, 2017 | The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). | ||
| CVE-2016-7975 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). | ||
| CVE-2016-7974 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. | ||
| CVE-2016-7973 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. | ||
| CVE-2016-7940 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. | ||
| CVE-2016-7939 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. | ||
| CVE-2016-7937 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). | ||
| CVE-2016-7936 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). | ||
| CVE-2016-7935 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). | ||
| CVE-2016-7934 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). | ||
| CVE-2016-7933 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). | ||
| CVE-2016-7932 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). | ||
| CVE-2016-7931 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). | ||
| CVE-2016-7930 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). | ||
| CVE-2016-7929 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). | ||
| CVE-2016-7928 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). | ||
| CVE-2016-7927 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2017 | The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). |
- risk 0.64cvss 9.8epss 0.03
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
- risk 0.64cvss 9.8epss 0.03
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
- risk 0.64cvss 9.8epss 0.03
The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
- risk 0.64cvss 9.8epss 0.04
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
- risk 0.64cvss 9.8epss 0.03
The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
- risk 0.64cvss 9.8epss 0.03
The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
- risk 0.64cvss 9.8epss 0.03
The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
- risk 0.64cvss 9.8epss 0.03
The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
- risk 0.64cvss 9.8epss 0.03
The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
- risk 0.64cvss 9.8epss 0.03
The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
- risk 0.64cvss 9.8epss 0.03
The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
- risk 0.64cvss 9.8epss 0.03
The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
- risk 0.64cvss 9.8epss 0.03
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
- risk 0.64cvss 9.8epss 0.03
The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
- risk 0.64cvss 9.8epss 0.03
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
- risk 0.64cvss 9.8epss 0.03
The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
- risk 0.64cvss 9.8epss 0.03
The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
- risk 0.64cvss 9.8epss 0.03
The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
- risk 0.64cvss 9.8epss 0.03
The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
- risk 0.64cvss 9.8epss 0.03
The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().