CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,831 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 124 of 217
- CVE-2018-15120MEDIUMCVSS 6.5EG 6.52018-08-24
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequen…
- CVE-2018-15128CRITICALCVSS 9.8EG 9.82019-05-13
An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and Pano 1.1.1 and earlier. A remote code execution vulnerability exists in the content sharing functionality because of a Buffer Overflow via cra…
- CVE-2018-1515HIGHCVSS 7.4EG 7.02018-05-25
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1, under specific or unusual conditions, could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM …
- CVE-2018-15172HIGHCVSS 7.5EG 7.52018-08-15
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.
- CVE-2018-15174HIGHCVSS 7.8EG 7.82018-08-08
XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO file.
- CVE-2018-15175HIGHCVSS 7.8EG 7.82018-08-08
XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5Core!QVariant::~QVariant+0x0000000000000014 and application crash) or possibly have unspecified other impact via a crafted RLE file.
- CVE-2018-15176HIGHCVSS 7.8EG 7.82018-08-08
XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSVCR120!memcpy+0x0000000000000074 and application crash) or possibly have unspecified other impact via a crafted RLE file.
- CVE-2018-15188MEDIUMCVSS 6.5EG 6.52018-08-10
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.
- CVE-2018-15191MEDIUMCVSS 6.5EG 6.52018-08-10
PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, or Address field.
- CVE-2018-15353CRITICALCVSS 9.8EG 9.82018-08-17
A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118.
- CVE-2018-15354HIGHCVSS 7.5EG 7.52018-08-17
A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118.
- CVE-2018-1544HIGHCVSS 8.4EG 7.82018-05-25
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 142648.
- CVE-2018-15497CRITICALCVSS 9.8EG 9.82018-10-23
The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet handling functionality. An attacker can exploit this issue remotely, by sending a particular pattern of SIP/SDP packets, to cause a denial of …
- CVE-2018-15519CRITICALCVSS 9.8EG 9.82019-06-28
Various Lexmark devices have a Buffer Overflow (issue 1 of 2).
- CVE-2018-15520CRITICALCVSS 9.8EG 9.82019-06-28
Various Lexmark devices have a Buffer Overflow (issue 2 of 2).
- CVE-2018-1565HIGHCVSS 8.4EG 7.82018-05-25
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 143022.
- CVE-2018-15813MEDIUMCVSS 5.5EG 5.52019-03-26
FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000000e1237 via a crafted image file.
- CVE-2018-15814MEDIUMCVSS 5.5EG 5.52019-03-26
FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000001cb509 via a crafted image file.
- CVE-2018-15816MEDIUMCVSS 5.5EG 5.52019-03-26
FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d7d via a crafted image file.
- CVE-2018-15817MEDIUMCVSS 5.5EG 5.52019-03-26
FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d63 via a crafted image file.
- CVE-2018-15839CRITICALCVSS 9.8EG 9.82018-08-28
D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.
- CVE-2018-15840HIGHCVSS 7.5EG 7.52019-03-29
TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f" command.
- CVE-2018-15870MEDIUMCVSS 6.5EG 6.52018-08-25
An invalid memory address dereference was discovered in decompileGETVARIABLE in libming 0.4.8 before 2018-03-12. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- CVE-2018-15871MEDIUMCVSS 6.5EG 6.52018-08-25
An invalid memory address dereference was discovered in decompileSingleArgBuiltInFunctionCall in libming 0.4.8 before 2018-03-12. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- CVE-2018-15897MEDIUMCVSS 6.5EG 6.52018-08-28
PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn.
- CVE-2018-15951HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-15987HIGHCVSS 7.8EG 7.82019-01-18
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 an…
- CVE-2018-15998HIGHCVSS 7.8EG 7.82019-01-18
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 an…
- CVE-2018-16091HIGHCVSS 8.1EG 8.12018-11-27
In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows.
- CVE-2018-16094HIGHCVSS 8.1EG 8.12018-11-27
In System Management Module (SMM) versions prior to 1.06, an internal SMM function that retrieves configuration settings is prone to a buffer overflow.
- CVE-2018-16302HIGHCVSS 7.8EG 7.82018-09-01
MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file.
- CVE-2018-16333HIGHCVSS 7.5EG 7.52018-09-02
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While…
- CVE-2018-16391MEDIUMCVSS 6.8EG 6.82018-09-03
Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (appl…
- CVE-2018-16392MEDIUMCVSS 6.8EG 6.82018-09-03
Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (applicati…
- CVE-2018-16393MEDIUMCVSS 6.8EG 6.82018-09-03
Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial…
- CVE-2018-16418MEDIUMCVSS 6.6EG 6.62018-09-04
A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly h…
- CVE-2018-16419MEDIUMCVSS 6.6EG 6.62018-09-04
Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (ap…
- CVE-2018-16420MEDIUMCVSS 6.6EG 6.62018-09-04
Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of servic…
- CVE-2018-16421MEDIUMCVSS 6.6EG 6.62018-09-04
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (…
- CVE-2018-16422MEDIUMCVSS 6.6EG 6.62018-09-04
A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial o…
- CVE-2018-16510HIGHCVSS 7.8EG 7.82018-09-05
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecifi…
- CVE-2018-16585HIGHCVSS 7.8EG 7.82018-09-06
An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corrup…
- CVE-2018-16595MEDIUMCVSS 6.5EG 6.52019-06-19
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.
- CVE-2018-16644MEDIUMCVSS 6.5EG 6.52018-09-06
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
- CVE-2018-16647MEDIUMCVSS 5.5EG 5.52018-09-06
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
- CVE-2018-16664HIGHCVSS 7.0EG 7.02018-09-07
An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow in lvm_set_type in os/storage/antelope/lvm.c while parsing AQL (lvm_set_op, lvm_set_relation, lvm_set_operand).
- CVE-2018-16665MEDIUMCVSS 6.1EG 6.12018-09-07
An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow while parsing AQL in lvm_shift_for_operator in os/storage/antelope/lvm.c.
- CVE-2018-16711HIGHCVSS 8.8EG 8.82018-09-26
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subrou…
- CVE-2018-16713MEDIUMCVSS 6.5EG 6.52018-09-26
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subrou…
- CVE-2018-16745HIGHCVSS 7.8EG 7.82018-09-13
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →