CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
Page 35 of 549

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7926 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). |
| CVE-2016-7925 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). |
| CVE-2016-7924 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). |
| CVE-2016-7923 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). |
| CVE-2016-7922 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 28, 2017 | The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). |
| CVE-2016-9636 | | Cri | 0.64 | 9.8 | 0.09 | | Jan 27, 2017 | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond… |
| CVE-2016-9635 | | Cri | 0.64 | 9.8 | 0.09 | | Jan 27, 2017 | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond… |
| CVE-2016-9634 | | Cri | 0.64 | 9.8 | 0.09 | | Jan 27, 2017 | Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter. |
| CVE-2016-8411 | | Cri | 0.64 | 9.8 | 0.01 | | Jan 27, 2017 | Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775. |
| CVE-2016-9307 | | Cri | 0.64 | 9.8 | 0.02 | | Jan 25, 2017 | Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files. |
| CVE-2016-9306 | | Cri | 0.64 | 9.8 | 0.02 | | Jan 25, 2017 | Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files. |
| CVE-2016-9303 | | Cri | 0.64 | 9.8 | 0.04 | | Jan 25, 2017 | Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files. |
| CVE-2016-5873 | | Cri | 0.64 | 9.8 | 0.05 | | Jan 23, 2017 | Buffer overflow in the HTTP URL parsing functions in pecl_http before 3.0.1 might allow remote attackers to execute arbitrary code via non-printable characters in a URL. |
| CVE-2016-3147 | | Cri | 0.64 | 9.8 | 0.06 | | Jan 23, 2017 | Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large packet. |
| CVE-2015-8972 | | Cri | 0.64 | 9.8 | 0.04 | | Jan 23, 2017 | Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode. |
| CVE-2016-9679 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 18, 2017 | Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer. |
| CVE-2016-9676 | | Cri | 0.64 | 9.8 | 0.04 | | Jan 18, 2017 | Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. |
| CVE-2016-7996 | | Cri | 0.64 | 9.8 | 0.04 | | Jan 18, 2017 | Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. |
| CVE-2016-2090 | | Cri | 0.64 | 9.8 | 0.03 | | Jan 13, 2017 | Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow. |
| CVE-2016-8459 | | Cri | 0.64 | 9.8 | 0.02 | | Jan 12, 2017 | Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462. |