CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,830 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 110 of 217
- CVE-2016-10433HIGHCVSS 8.1EG 8.12018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, S…
- CVE-2016-10436CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD …
- CVE-2016-10441CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD…
- CVE-2016-10448CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410…
- CVE-2016-10450CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 42…
- CVE-2016-10458CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835…
- CVE-2016-10460CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 835, SD 845, and SD 850, vendor specific opcodes may not have any packet length validation leading to buffer over-reads.
- CVE-2016-10461CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 650/52, SD 808, SD 810, SD 820, and SDX20, lack of proper bounds checking may lead to a buffer overread.
- CVE-2016-10473CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, …
- CVE-2016-10474CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, S…
- CVE-2016-10476CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, …
- CVE-2016-10477CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, while processing smart card r…
- CVE-2016-10484CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 21…
- CVE-2016-10485CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410…
- CVE-2016-10486CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 820A, PD failure…
- CVE-2016-10493CRITICALCVSS 9.8EG 9.82018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, …
- CVE-2016-10497HIGHCVSS 7.5EG 7.52018-04-18
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410…
- CVE-2016-10518HIGHCVSS 7.5EG 7.52018-05-31
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given paylo…
- CVE-2016-10523HIGHCVSS 7.5EG 7.52018-05-31
MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.
- CVE-2016-10713MEDIUMCVSS 5.5EG 5.52018-02-13
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.
- CVE-2016-10721CRITICALCVSS 9.8EG 9.82018-05-02
partclone.restore in Partclone 0.2.87 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to execute arbitrary code in the context of the user running…
- CVE-2016-10722CRITICALCVSS 9.8EG 9.82018-05-02
partclone.fat in Partclone before 0.2.88 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the FAT superblock, related to the mark_reserved_sectors function. An attacker may be able to execute arbitra…
- CVE-2016-10764CRITICALCVSS 9.8EG 9.82019-07-27
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.
- CVE-2016-11035MEDIUMCVSS 5.5EG 5.52020-04-07
An issue was discovered on Samsung mobile devices with software through 2016-05-27 (Exynos AP chipsets). A local graphics user can cause a Kernel Crash via the fb0(DECON) frame buffer interface. The Samsung ID is SVE-2016-7011 (October 201…
- CVE-2016-11038CRITICALCVSS 9.8EG 9.82020-04-07
An issue was discovered on Samsung mobile devices with software through 2016-04-05 (incorporating the Samsung Professional Audio SDK). The Jack audio service doesn't implement access control for shared memory, leading to arbitrary code exe…
- CVE-2016-11045HIGHCVSS 7.8EG 7.82020-04-07
An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 (May 2016).
- CVE-2016-1646HIGHCVSS 8.8EG 9.0⚠ KEV2016-03-29
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds …
- CVE-2016-2123HIGHCVSS 8.8EG 8.82018-11-01
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ld…
- CVE-2016-2540MEDIUMCVSS 5.5EG 5.52018-02-07
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
- CVE-2016-2541MEDIUMCVSS 5.5EG 5.52018-02-07
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
- CVE-2016-3182MEDIUMCVSS 5.5EG 5.52020-02-20
The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file.
- CVE-2016-4402CRITICALCVSS 9.8EG 9.82018-08-06
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.
- CVE-2016-4403CRITICALCVSS 9.8EG 9.82018-08-06
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via memory corruption.
- CVE-2016-4404CRITICALCVSS 9.8EG 9.82018-08-06
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via a memory allocation issue.
- CVE-2016-4523HIGHCVSS 7.5EG 9.0⚠ KEV2016-06-09
The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via unspecified vectors.
- CVE-2016-4657HIGHCVSS 8.8EG 9.0⚠ KEV2016-08-25
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
- CVE-2016-5179CRITICALCVSS 9.8EG 9.82018-03-07
Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot.
- CVE-2016-5289CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox …
- CVE-2016-5290CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerabi…
- CVE-2016-5296HIGHCVSS 7.5EG 7.52018-06-11
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
- CVE-2016-5345HIGHCVSS 7.0EG 7.02018-01-23
Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713.
- CVE-2016-5800HIGHCVSS 7.5EG 7.52019-03-21
A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.
- CVE-2016-6169HIGHCVSS 7.8EG 7.82018-02-07
Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (memory corruption and application crash) or potentially execute arbitrary code via the Bezier …
- CVE-2016-6366HIGHCVSS 8.8EG 9.0⚠ KEV2016-08-18
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users …
- CVE-2016-6559CRITICALCVSS 9.8EG 9.82018-07-13
Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the l…
- CVE-2016-6563CRITICALCVSS 9.8EG 9.82018-07-13
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. Th…
- CVE-2016-7193HIGHCVSS 7.8EG 9.0⚠ KEV2016-10-14
Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation…
- CVE-2016-7576HIGHCVSS 7.8EG 7.82019-01-11
In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
- CVE-2016-8382HIGHCVSS 8.3EG 8.82018-04-24
An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a …
- CVE-2016-8383HIGHCVSS 8.8EG 8.82018-04-24
An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/…
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →