CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,831 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 123 of 217
- CVE-2018-13907MEDIUMCVSS 5.3EG 5.32019-06-14
While deserializing any key blob during key operations, buffer overflow could occur, exposing partial key information if any key operations are invoked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer El…
- CVE-2018-13912MEDIUMCVSS 5.5EG 5.52019-02-25
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara…
- CVE-2018-13914HIGHCVSS 7.8EG 7.82019-02-25
Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in version MDM9150, MDM9206,…
- CVE-2018-13918HIGHCVSS 7.8EG 7.82019-04-04
kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobi…
- CVE-2018-13997HIGHCVSS 7.5EG 7.52018-07-12
Genann through 2018-07-08 has a SEGV in genann_run in genann.c.
- CVE-2018-14015MEDIUMCVSS 5.5EG 5.52018-07-12
The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in …
- CVE-2018-14047MEDIUMCVSS 5.5EG 5.52018-07-13
An issue has been found in PNGwriter 0.7.0. It is a SEGV in pngwriter::readfromfile in pngwriter.cc. NOTE: there is a "Warning: PNGwriter was never designed for reading untrusted files with it. Do NOT use this in sensitive environments, es…
- CVE-2018-1427MEDIUMCVSS 6.2EG 5.52018-03-22
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) contains several environment variables that a local attacker could overflow and cause a denial of service. IBM X-Force ID: 139072.
- CVE-2018-14290HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14320MEDIUMCVSS 6.5EG 6.52018-09-17
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicio…
- CVE-2018-14338HIGHCVSS 8.1EG 8.12018-07-17
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.
- CVE-2018-14362CRITICALCVSS 9.8EG 9.82018-07-17
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.
- CVE-2018-14443MEDIUMCVSS 6.5EG 6.52018-07-20
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV).
- CVE-2018-14521HIGHCVSS 8.8EG 8.82018-07-23
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.
- CVE-2018-14522HIGHCVSS 8.8EG 8.82018-07-23
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.
- CVE-2018-14531CRITICALCVSS 9.8EG 9.82018-07-23
An issue was discovered in Bento4 1.5.1-624. There is an unspecified "heap-buffer-overflow" crash in the AP4_HvccAtom class in Core/Ap4HvccAtom.cpp.
- CVE-2018-14557HIGHCVSS 7.5EG 7.52019-04-25
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerab…
- CVE-2018-14559HIGHCVSS 7.5EG 7.52019-04-25
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerab…
- CVE-2018-14563CRITICALCVSS 9.8EG 9.82018-07-23
An issue was discovered in libthulac.so in THULAC through 2018-02-25. "operator delete" is used with "operator new[]" in the TaggingLearner class in include/cb_tagging_learner.h, possibly leading to memory corruption.
- CVE-2018-14564CRITICALCVSS 9.8EG 9.82018-07-23
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A SEGV can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.
- CVE-2018-14586HIGHCVSS 8.8EG 8.82018-07-24
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532.
- CVE-2018-14590HIGHCVSS 7.5EG 7.52018-07-24
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
- CVE-2018-14615MEDIUMCVSS 5.5EG 5.52018-07-27
An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative.
- CVE-2018-14652MEDIUMCVSS 6.5EG 6.52018-10-31
The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attack…
- CVE-2018-14712MEDIUMCVSS 6.5EG 6.52019-05-13
Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter.
- CVE-2018-14738HIGHCVSS 7.5EG 7.52018-07-30
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbc_rmessage_message in rmessage.c.
- CVE-2018-14739HIGHCVSS 7.5EG 7.52018-07-30
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbc_pattern_set_default in pattern.c.
- CVE-2018-14740HIGHCVSS 7.5EG 7.52018-07-30
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in set_field_one in bootstrap.c while making a query.
- CVE-2018-14741HIGHCVSS 7.5EG 7.52018-07-30
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbc_pattern_pack in pattern.c.
- CVE-2018-14742HIGHCVSS 7.5EG 7.52018-07-30
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in set_field_one in bootstrap.c during a memcpy.
- CVE-2018-14743HIGHCVSS 7.5EG 7.52018-07-30
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in wiretype_decode in context.c.
- CVE-2018-14745HIGHCVSS 8.8EG 8.82019-03-21
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validat…
- CVE-2018-14749CRITICALCVSS 9.8EG 9.82018-11-28
Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS.
- CVE-2018-14779MEDIUMCVSS 6.8EG 6.82018-08-15
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) { fprintf(st…
- CVE-2018-14792MEDIUMCVSS 6.3EG 6.32018-09-19
WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files.
- CVE-2018-14793HIGHCVSS 8.8EG 8.82018-08-21
DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open communication port to allow arbitrary code execution.
- CVE-2018-14794CRITICALCVSS 9.8EG 9.82018-10-01
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device does not perform a check on the length/size of a project file before copying the entire contents of the file to a heap-based buffer.
- CVE-2018-14799LOWCVSS 3.7EG 3.72018-08-22
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities.
- CVE-2018-14802CRITICALCVSS 9.8EG 9.82018-10-01
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly check user-supplied comments which may allow for arbitrary remote code execu…
- CVE-2018-14821HIGHCVSS 7.5EG 7.52018-09-20
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to termin…
- CVE-2018-14829CRITICALCVSS 9.8EG 9.82018-09-20
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. Th…
- CVE-2018-14852MEDIUMCVSS 6.3EG 6.32018-12-17
Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip)…
- CVE-2018-14854MEDIUMCVSS 6.3EG 6.32018-12-17
Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-…
- CVE-2018-14855MEDIUMCVSS 6.3EG 6.32018-12-17
Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the de…
- CVE-2018-14856MEDIUMCVSS 6.3EG 6.32018-12-17
Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-…
- CVE-2018-1488HIGHCVSS 8.4EG 7.82018-05-25
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 140973.
- CVE-2018-14939CRITICALCVSS 9.8EG 9.82018-08-05
The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow a…
- CVE-2018-14946HIGHCVSS 8.8EG 8.82018-08-05
An issue has been found in PDF2JSON 0.69. The HtmlString class in ImgOutputDev.cc has Mismatched Memory Management Routines (malloc versus operator delete).
- CVE-2018-14947HIGHCVSS 8.8EG 8.82018-08-05
An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete).
- CVE-2018-14948HIGHCVSS 7.8EG 7.82018-08-05
An issue has been found in dilawar sound through 2017-11-27. The end of openWavFile in wav-file.cc has Mismatched Memory Management Routines (operator new [] versus operator delete).
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →