CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,830 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 107 of 217
- CVE-2014-9993CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/…
- CVE-2014-9994CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow.
- CVE-2014-9995CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathL…
- CVE-2014-9996CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur.
- CVE-2014-9997CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 625,…
- CVE-2014-9998CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, Q…
- CVE-2015-0014NONECVSS 0.0EG 0.02015-01-13
Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execut…
- CVE-2015-0074NONECVSS 0.0EG 0.02015-03-11
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate m…
- CVE-2015-0100NONECVSS 0.0EG 0.02015-03-11
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
- CVE-2015-0206NONECVSS 0.0EG 0.02015-01-09
Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epo…
- CVE-2015-0247NONECVSS 0.0EG 0.02015-02-17
Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.
- CVE-2015-0292NONECVSS 0.0EG 0.02015-03-19
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (m…
- CVE-2015-0304NONECVSS 0.0EG 0.02015-01-13
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Andro…
- CVE-2015-0307NONECVSS 0.0EG 0.02015-01-13
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.…
- CVE-2015-0309NONECVSS 0.0EG 0.02015-01-13
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Andro…
- CVE-2015-0323NONECVSS 0.0EG 0.02015-02-06
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different…
- CVE-2015-0324NONECVSS 0.0EG 0.02015-02-06
Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2015-0327NONECVSS 0.0EG 0.02015-02-06
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different…
- CVE-2015-0555NONECVSS 0.0EG 0.02015-02-24
Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteCon…
- CVE-2015-0564NONECVSS 0.0EG 0.02015-01-10
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted pa…
- CVE-2015-0565CRITICALCVSS 10.0EG 10.02020-02-25
NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
- CVE-2015-0811NONECVSS 0.0EG 0.02015-04-01
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transf…
- CVE-2015-0824NONECVSS 0.0EG 0.02015-02-25
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger …
- CVE-2015-0825NONECVSS 0.0EG 0.02015-02-25
Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts…
- CVE-2015-0826NONECVSS 0.0EG 0.02015-02-25
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CS…
- CVE-2015-0827NONECVSS 0.0EG 0.02015-02-25
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process …
- CVE-2015-0829NONECVSS 0.0EG 0.02015-02-25
Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
- CVE-2015-0880NONECVSS 0.0EG 0.02015-02-20
Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code via a long filename of an attachment.
- CVE-2015-0903NONECVSS 0.0EG 0.02015-04-03
Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted .hmbook file.
- CVE-2015-0973HIGHCVSS 8.8EG 8.82015-01-18
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than …
- CVE-2015-0979NONECVSS 0.0EG 0.02015-03-14
Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via a crafted packet.
- CVE-2015-1006CRITICALCVSS 9.8EG 9.82019-05-10
A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versio…
- CVE-2015-1007HIGHCVSS 7.8EG 7.82019-03-25
A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basi…
- CVE-2015-1065NONECVSS 0.0EG 0.02015-03-12
Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery.
- CVE-2015-1213NONECVSS 0.0EG 0.02015-03-09
The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact v…
- CVE-2015-1215NONECVSS 0.0EG 0.02015-03-09
The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.
- CVE-2015-1225NONECVSS 0.0EG 0.02015-03-09
PDFium, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2015-1232NONECVSS 0.0EG 0.02015-03-09
Array index error in the MidiManagerUsb::DispatchSendMidiData function in media/midi/midi_manager_usb.cc in Google Chrome before 41.0.2272.76 allows remote attackers to cause a denial of service or possibly have unspecified other impact by…
- CVE-2015-1290HIGHCVSS 8.8EG 8.82018-01-09
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.
- CVE-2015-1315NONECVSS 0.0EG 0.02015-02-23
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
- CVE-2015-1345NONECVSS 0.0EG 0.02015-02-12
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
- CVE-2015-1348NONECVSS 0.0EG 0.02015-02-03
Heap-based buffer overflow in Aruba Instant (IAP) with firmware before 4.0.0.7 and 4.1.x before 4.1.1.2 allows remote attackers to cause a denial of service (crash or reset to factory default) via a malformed frame to the wireless interfac…
- CVE-2015-1360NONECVSS 0.0EG 0.02015-01-27
Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data that is improperly handled during text drawing, related …
- CVE-2015-1362NONECVSS 0.0EG 0.02015-01-27
Buffer overflow in the Customize 35mm tab in Two Pilots Exif Pilot 4.7.2 allows remote attackers to execute arbitrary code via a long string in the maker element in an XML file.
- CVE-2015-1449NONECVSS 0.0EG 0.02015-02-02
Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devic…
- CVE-2015-1461NONECVSS 0.0EG 0.02015-02-03
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
- CVE-2015-1462NONECVSS 0.0EG 0.02015-02-03
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
- CVE-2015-1495NONECVSS 0.0EG 0.02015-02-16
Multiple stack-based buffer overflows in Motorola Scanner SDK allow remote attackers to execute arbitrary code via a crafted string to the Open method in (1) IOPOSScanner.ocx or (2) IOPOSScale.ocx.
- CVE-2015-1500NONECVSS 0.0EG 0.02015-02-16
Multiple stack-based buffer overflows in the TSUnicodeGraphEditorControl in SolarWinds Server and Application Monitor (SAM) allow remote attackers to execute arbitrary code via unspecified vectors to (1) graphManager.load or (2) factory.lo…
- CVE-2015-1548NONECVSS 0.0EG 0.02015-02-10
mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read.
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →