VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 376 of 549
  • CVE-2003-1337Dec 31, 2003
    risk 0.01cvss epss 0.12

    Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.

  • CVE-2003-0542Nov 3, 2003
    risk 0.01cvss epss 0.13

    Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.

  • CVE-2003-0222May 12, 2003
    risk 0.01cvss epss 0.11

    Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.

  • CVE-2003-0096Mar 3, 2003
    risk 0.01cvss epss 0.16

    Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3)…

  • CVE-2003-0095Mar 3, 2003
    risk 0.01cvss epss 0.13

    Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as…

  • CVE-2002-2250Dec 31, 2002
    risk 0.01cvss epss 0.08

    Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function.

  • CVE-2002-2368Dec 31, 2002
    risk 0.01cvss epss 0.07

    Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in…

  • CVE-2002-2196Dec 31, 2002
    risk 0.01cvss epss 0.07

    Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.

  • CVE-2002-2253Dec 31, 2002
    risk 0.01cvss epss 0.07

    Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string.

  • CVE-2002-1357Dec 23, 2002
    risk 0.01cvss epss 0.10

    Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

  • CVE-2001-1539Dec 31, 2001
    risk 0.01cvss epss 0.14

    Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem.

  • CVE-2001-0819Dec 6, 2001
    risk 0.01cvss epss 0.06

    A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.

  • CVE-2001-0153May 3, 2001
    risk 0.01cvss epss 0.12

    Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.

  • CVE-1999-0898Nov 4, 1999
    risk 0.01cvss epss 0.07

    Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.

  • CVE-1999-0802May 27, 1999
    risk 0.01cvss epss 0.10

    Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.

  • CVE-1999-0349Jan 27, 1999
    risk 0.01cvss epss 0.18

    A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.

  • CVE-1999-0332Dec 1, 1998
    risk 0.01cvss epss 0.13

    Buffer overflow in NetMeeting allows denial of service and remote command execution.

  • CVE-2026-30883Mar 9, 2026
    risk 0.00cvss epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability is fixed in 7.1.2-16 and…

  • CVE-2026-1260Jan 22, 2026
    risk 0.00cvss epss 0.00

    Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure.

  • CVE-2021-41121HigOct 6, 2021
    risk 0.00cvss 7.5epss 0.01

    Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in…