CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 406 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-2788 | 0.00 | — | 0.04 | Apr 14, 2015 | Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns. | |||
| CVE-2014-9488 | 0.00 | — | 0.04 | Apr 14, 2015 | The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read. | |||
| CVE-2015-1144 | 0.00 | — | 0.00 | Apr 10, 2015 | Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier. | |||
| CVE-2015-1140 | 0.00 | — | 0.01 | Apr 10, 2015 | Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2015-2782 | 0.00 | — | 0.06 | Apr 8, 2015 | Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive. | |||
| CVE-2015-1473 | 0.00 | — | 0.02 | Apr 8, 2015 | The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service… | |||
| CVE-2015-1472 | 0.00 | — | 0.05 | Apr 8, 2015 | The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified… | |||
| CVE-2015-0134 | 0.00 | — | 0.05 | Apr 6, 2015 | Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2015-0903 | 0.00 | — | 0.03 | Apr 3, 2015 | Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted .hmbook file. | |||
| CVE-2014-8390 | 0.00 | — | 0.01 | Apr 3, 2015 | Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 allow local users to gain privileges via malformed disturbance-recording data in a (1) CFG or (2) DAT file. | |||
| CVE-2015-2820 | 0.00 | — | 0.04 | Apr 1, 2015 | Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service (process termination) via a crafted request, aka SAP Security Note 2132584. | |||
| CVE-2015-2815 | 0.00 | — | 0.04 | Apr 1, 2015 | Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security… | |||
| CVE-2015-0811 | 0.00 | — | 0.03 | Apr 1, 2015 | The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation. | |||
| CVE-2015-0838 | 0.00 | — | 0.03 | Mar 31, 2015 | Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file. | |||
| CVE-2014-2830 | 0.00 | — | 0.05 | Mar 31, 2015 | Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors. | |||
| CVE-2014-9652 | 0.00 | — | 0.05 | Mar 30, 2015 | The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which… | |||
| CVE-2015-2785 | 0.00 | — | 0.03 | Mar 29, 2015 | The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (ByzanzRecording file) to the byzanz-playback command. | |||
| CVE-2013-7438 | 0.00 | — | 0.03 | Mar 29, 2015 | Multiple buffer overflows in pbm212030 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PBM image, related to (1) stream line data, which triggers a heap-based buffer overflow, or (2) vectors related to an "internal… | |||
| CVE-2014-9205 | 0.00 | — | 0.05 | Mar 29, 2015 | Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data. | |||
| CVE-2015-2154 | 0.00 | — | 0.04 | Mar 24, 2015 | The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value. |
- CVE-2015-2788Apr 14, 2015risk 0.00cvss —epss 0.04
Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns.
- CVE-2014-9488Apr 14, 2015risk 0.00cvss —epss 0.04
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.
- CVE-2015-1144Apr 10, 2015risk 0.00cvss —epss 0.00
Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier.
- CVE-2015-1140Apr 10, 2015risk 0.00cvss —epss 0.01
Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors.
- CVE-2015-2782Apr 8, 2015risk 0.00cvss —epss 0.06
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
- CVE-2015-1473Apr 8, 2015risk 0.00cvss —epss 0.02
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service…
- CVE-2015-1472Apr 8, 2015risk 0.00cvss —epss 0.05
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified…
- CVE-2015-0134Apr 6, 2015risk 0.00cvss —epss 0.05
Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.
- CVE-2015-0903Apr 3, 2015risk 0.00cvss —epss 0.03
Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted .hmbook file.
- CVE-2014-8390Apr 3, 2015risk 0.00cvss —epss 0.01
Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 allow local users to gain privileges via malformed disturbance-recording data in a (1) CFG or (2) DAT file.
- CVE-2015-2820Apr 1, 2015risk 0.00cvss —epss 0.04
Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service (process termination) via a crafted request, aka SAP Security Note 2132584.
- CVE-2015-2815Apr 1, 2015risk 0.00cvss —epss 0.04
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security…
- CVE-2015-0811Apr 1, 2015risk 0.00cvss —epss 0.03
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.
- CVE-2015-0838Mar 31, 2015risk 0.00cvss —epss 0.03
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.
- CVE-2014-2830Mar 31, 2015risk 0.00cvss —epss 0.05
Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.
- CVE-2014-9652Mar 30, 2015risk 0.00cvss —epss 0.05
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which…
- CVE-2015-2785Mar 29, 2015risk 0.00cvss —epss 0.03
The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (ByzanzRecording file) to the byzanz-playback command.
- CVE-2013-7438Mar 29, 2015risk 0.00cvss —epss 0.03
Multiple buffer overflows in pbm212030 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PBM image, related to (1) stream line data, which triggers a heap-based buffer overflow, or (2) vectors related to an "internal…
- CVE-2014-9205Mar 29, 2015risk 0.00cvss —epss 0.05
Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data.
- CVE-2015-2154Mar 24, 2015risk 0.00cvss —epss 0.04
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.