CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Class · Stable · Likelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 8 of 549
  • CVE-2016-4402 · Critical · Aug 6, 2018
    risk 0.65 · cvss 9.8 · epss 0.16

    A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.

  • CVE-2018-0301 · Critical · Jun 20, 2018
    risk 0.65 · cvss 9.8 · epss 0.18

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the…

  • CVE-2018-4233 · High · Jun 8, 2018
    risk 0.65 · cvss 8.8 · epss 0.54

    An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue…

  • CVE-2017-12087 · Critical · Apr 24, 2018
    risk 0.65 · cvss 10.0 · epss 0.02

    An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker-controlled values. An attacker needs to send a DNS packet to trigger this…

  • CVE-2017-5807 · Critical · Feb 15, 2018
    risk 0.65 · cvss 9.8 · epss 0.22

    A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.

  • CVE-2017-12379 · Critical · Jan 26, 2018
    risk 0.65 · cvss 9.8 · epss 0.13

    ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input…

  • CVE-2017-16844 · Critical · Nov 16, 2017
    risk 0.65 · cvss 9.8 · epss 0.13

    Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different…

  • CVE-2017-5789 · Critical · Oct 11, 2017
    risk 0.65 · cvss 9.8 · epss 0.18

    HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

  • CVE-2014-7859 · Critical · Aug 25, 2017
    risk 0.65 · cvss 9.8 · epss 0.21

    Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting malformed "Host" and…

  • CVE-2017-0028 · Critical · Jul 17, 2017
    risk 0.65 · cvss 9.8 · epss 0.19

    A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully…

  • CVE-2017-10921 · Critical · Jul 5, 2017
    risk 0.65 · cvss 10.0 · epss 0.03

    The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka…

  • CVE-2017-10920 · Critical · Jul 5, 2017
    risk 0.65 · cvss 10.0 · epss 0.03

    The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged…

  • CVE-2017-3088 · Critical · Jun 20, 2017
    risk 0.65 · cvss 10.0 · epss 0.06

    Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF runtime engine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3082 · Critical · Jun 20, 2017
    risk 0.65 · cvss 9.8 · epss 0.12

    Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-7895 · Critical · Apr 28, 2017
    risk 0.65 · cvss 9.8 · epss 0.11

    The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to…

  • CVE-2016-6808 · Critical · Apr 12, 2017
    risk 0.65 · cvss 9.8 · epss 0.19

    Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.

  • CVE-2017-0089 · High · Mar 17, 2017
    risk 0.65 · cvss 8.8 · epss 0.57

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2017-2785 · Critical · Mar 10, 2017
    risk 0.65 · cvss 10.0 · epss 0.05

    An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is…

  • CVE-2016-8352 · Critical · Feb 13, 2017
    risk 0.65 · cvss 10.0 · epss 0.04

    An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. A stack-based buffer overflow can be triggered during the SNMP…

  • CVE-2016-5681 · Critical · Aug 25, 2016
    risk 0.65 · cvss 9.8 · epss 0.12

    Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14,…