CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,831 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 125 of 217
- CVE-2018-16765HIGHCVSS 8.8EG 8.82018-09-10
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in Fu…
- CVE-2018-16767HIGHCVSS 8.8EG 8.82018-09-10
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in Fu…
- CVE-2018-16768HIGHCVSS 8.8EG 8.82018-09-10
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR…
- CVE-2018-16782HIGHCVSS 8.8EG 8.82018-09-10
libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c.
- CVE-2018-16839MEDIUMCVSS 4.3EG 9.82018-10-31
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.
- CVE-2018-17076HIGHCVSS 8.8EG 8.82018-09-16
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file.
- CVE-2018-1710HIGHCVSS 8.4EG 7.82018-09-21
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364.
- CVE-2018-17106HIGHCVSS 7.5EG 7.52018-09-16
In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable of the do_mkd function in the ftpproto.c file. An attacker can overwrite ebp via a long pathname.
- CVE-2018-17143HIGHCVSS 7.5EG 7.52018-09-17
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
- CVE-2018-17161CRITICALCVSS 9.8EG 9.82019-01-03
In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which coul…
- CVE-2018-17358MEDIUMCVSS 5.5EG 5.52018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerab…
- CVE-2018-17359MEDIUMCVSS 5.5EG 5.52018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial…
- CVE-2018-17407HIGHCVSS 7.8EG 7.82018-09-23
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of …
- CVE-2018-17470HIGHCVSS 7.4EG 7.42019-01-09
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2018-17540HIGHCVSS 7.5EG 7.52018-10-03
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
- CVE-2018-17614HIGHCVSS 8.8EG 8.82018-11-13
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Losant Arduino MQTT Client prior to V2.7. User interaction is not required to exploit this vulnerability. The specific flaw exists within t…
- CVE-2018-17706HIGHCVSS 8.8EG 8.82018-10-29
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious…
- CVE-2018-1771HIGHCVSS 8.4EG 7.82018-12-20
IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687.
- CVE-2018-17847HIGHCVSS 7.5EG 7.52018-10-01
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActiveForma…
- CVE-2018-17905HIGHCVSS 7.8EG 7.82018-11-05
When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.
- CVE-2018-17907LOWCVSS 3.3EG 3.32018-11-05
When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array.
- CVE-2018-17910HIGHCVSS 7.8EG 7.82018-10-29
WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution.
- CVE-2018-17962HIGHCVSS 7.5EG 7.52018-10-09
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
- CVE-2018-18096MEDIUMCVSS 5.5EG 5.52018-12-14
Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
- CVE-2018-18193HIGHCVSS 8.8EG 8.82018-10-09
An issue was discovered in libgig 4.1.0. There is operator new[] failure (due to a big pWavePoolTable heap request) in DLS::File::File in DLS.cpp.
- CVE-2018-18197CRITICALCVSS 9.8EG 9.82018-10-09
An issue was discovered in libgig 4.1.0. There is an operator new[] failure (due to a big pSampleLoops heap request) in DLS::Sampler::Sampler in DLS.cpp.
- CVE-2018-18309MEDIUMCVSS 5.5EG 5.52018-10-15
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation f…
- CVE-2018-18310MEDIUMCVSS 5.5EG 5.52018-10-15
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as dem…
- CVE-2018-18312CRITICALCVSS 9.8EG 9.82018-12-05
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- CVE-2018-18314CRITICALCVSS 9.8EG 9.82018-12-07
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- CVE-2018-18384MEDIUMCVSS 5.5EG 5.52018-10-16
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
- CVE-2018-18439CRITICALCVSS 9.8EG 9.82018-11-20
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.
- CVE-2018-18440HIGHCVSS 7.8EG 7.82018-11-20
DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled.
- CVE-2018-18493CRITICALCVSS 9.8EG 9.82019-02-28
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vu…
- CVE-2018-18501CRITICALCVSS 9.8EG 9.82019-02-05
Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exp…
- CVE-2018-18502CRITICALCVSS 9.8EG 9.82019-02-05
Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitra…
- CVE-2018-18503HIGHCVSS 8.8EG 8.82019-02-05
When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.
- CVE-2018-18520MEDIUMCVSS 6.5EG 6.52018-10-19
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all i…
- CVE-2018-18601HIGHCVSS 8.1EG 8.12018-12-31
The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.
- CVE-2018-18695HIGHCVSS 7.8EG 7.82018-11-01
M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via a crafted MRD file.
- CVE-2018-18706HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd.…
- CVE-2018-18707HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd.…
- CVE-2018-18708HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd.…
- CVE-2018-18709HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd.…
- CVE-2018-18727HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- htt…
- CVE-2018-18730HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- htt…
- CVE-2018-18731HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- htt…
- CVE-2018-18732HIGHCVSS 7.5EG 7.52018-10-29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- htt…
- CVE-2018-18756HIGHCVSS 7.5EG 7.52018-11-16
Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008.
- CVE-2018-18759HIGHCVSS 7.5EG 7.52018-11-16
Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow.
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →