CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 98 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1970 | Hig | 0.57 | 8.8 | 0.02 | Mar 13, 2016 | Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2016-1969 | Hig | 0.57 | 8.8 | 0.02 | Mar 13, 2016 | The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font. | ||
| CVE-2016-1959 | Hig | 0.57 | 8.8 | 0.03 | Mar 13, 2016 | The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API. | ||
| CVE-2016-1953 | Hig | 0.57 | 8.8 | 0.03 | Mar 13, 2016 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and… | ||
| CVE-2016-1952 | Hig | 0.57 | 8.8 | 0.03 | Mar 13, 2016 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| CVE-2016-1624 | Hig | 0.57 | 8.8 | 0.01 | Feb 14, 2016 | Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli… | ||
| CVE-2016-2330 | Hig | 0.57 | 8.8 | 0.03 | Feb 12, 2016 | libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image,… | ||
| CVE-2016-2329 | Hig | 0.57 | 8.8 | 0.03 | Feb 12, 2016 | libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF… | ||
| CVE-2016-2328 | Hig | 0.57 | 8.8 | 0.03 | Feb 12, 2016 | libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the… | ||
| CVE-2016-2327 | Hig | 0.57 | 8.8 | 0.03 | Feb 12, 2016 | libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the… | ||
| CVE-2016-1724 | Hig | 0.57 | 8.8 | 0.03 | Feb 1, 2016 | WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727. | ||
| CVE-2016-1901 | Cri | 0.57 | 9.8 | 0.04 | Jan 20, 2016 | Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow. | ||
| CVE-2025-2521 | Hig | 0.56 | 8.6 | 0.00 | Jul 10, 2025 | The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against… | ||
| CVE-2018-0470 | Hig | 0.56 | 8.6 | 0.04 | Oct 5, 2018 | A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software… | ||
| CVE-2018-0252 | Hig | 0.56 | 8.6 | 0.03 | May 2, 2018 | A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service… | ||
| CVE-2018-7284 | Hig | 0.56 | 7.5 | 0.58 | Feb 22, 2018 | A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept… | ||
| CVE-2018-0132 | Hig | 0.56 | 8.6 | 0.02 | Feb 8, 2018 | A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The… | ||
| CVE-2018-5359 | Hig | 0.56 | 8.1 | 0.09 | Jan 23, 2018 | The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow. | ||
| CVE-2017-16995 | Hig | 0.56 | 7.8 | 0.30 | Dec 27, 2017 | The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension. | ||
| CVE-2017-16717 | Hig | 0.56 | 8.6 | 0.02 | Dec 20, 2017 | A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution. |
- risk 0.57cvss 8.8epss 0.02
Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- risk 0.57cvss 8.8epss 0.02
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font.
- risk 0.57cvss 8.8epss 0.03
The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.
- risk 0.57cvss 8.8epss 0.03
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and…
- risk 0.57cvss 8.8epss 0.03
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
- risk 0.57cvss 8.8epss 0.01
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli…
- risk 0.57cvss 8.8epss 0.03
libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image,…
- risk 0.57cvss 8.8epss 0.03
libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF…
- risk 0.57cvss 8.8epss 0.03
libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the…
- risk 0.57cvss 8.8epss 0.03
libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the…
- risk 0.57cvss 8.8epss 0.03
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.
- risk 0.57cvss 9.8epss 0.04
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
- risk 0.56cvss 8.6epss 0.00
The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against…
- risk 0.56cvss 8.6epss 0.04
A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software…
- risk 0.56cvss 8.6epss 0.03
A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service…
- risk 0.56cvss 7.5epss 0.58
A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept…
- risk 0.56cvss 8.6epss 0.02
A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The…
- risk 0.56cvss 8.1epss 0.09
The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.
- risk 0.56cvss 7.8epss 0.30
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
- risk 0.56cvss 8.6epss 0.02
A Heap-based Buffer Overflow issue was discovered in WECON LeviStudio HMI. The heap-based buffer overflow vulnerability has been identified, which may allow remote code execution.