VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 98 of 549
  • CVE-2016-1970HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.02

    Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2016-1969HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.02

    The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font.

  • CVE-2016-1959HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.

  • CVE-2016-1953HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and…

  • CVE-2016-1952HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

  • CVE-2016-1624HigFeb 14, 2016
    risk 0.57cvss 8.8epss 0.01

    Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli…

  • CVE-2016-2330HigFeb 12, 2016
    risk 0.57cvss 8.8epss 0.03

    libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image,…

  • CVE-2016-2329HigFeb 12, 2016
    risk 0.57cvss 8.8epss 0.03

    libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF…

  • CVE-2016-2328HigFeb 12, 2016
    risk 0.57cvss 8.8epss 0.03

    libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the…

  • CVE-2016-2327HigFeb 12, 2016
    risk 0.57cvss 8.8epss 0.03

    libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the…

  • CVE-2016-1724HigFeb 1, 2016
    risk 0.57cvss 8.8epss 0.03

    WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.

  • CVE-2016-1901CriJan 20, 2016
    risk 0.57cvss 9.8epss 0.04

    Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.

  • CVE-2025-2521HigJul 10, 2025
    risk 0.56cvss 8.6epss 0.00

    The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against…

  • CVE-2018-0470HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software…

  • CVE-2018-0252HigMay 2, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service…

  • CVE-2018-7284HigFeb 22, 2018
    risk 0.56cvss 7.5epss 0.58

    A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept…

  • CVE-2018-0132HigFeb 8, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The…

  • CVE-2018-5359HigJan 23, 2018
    risk 0.56cvss 8.1epss 0.09

    The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.

  • CVE-2017-16995HigDec 27, 2017
    risk 0.56cvss 7.8epss 0.30

    The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.

  • CVE-2017-16717HigDec 20, 2017
    risk 0.56cvss 8.6epss 0.02

    A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution.