CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,831 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 131 of 217
- CVE-2018-4401HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
- CVE-2018-4402HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
- CVE-2018-4404HIGHCVSS 8.8EG 7.82019-01-11
In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling.
- CVE-2018-4407HIGHCVSS 8.8EG 9.02019-04-03
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
- CVE-2018-4408HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
- CVE-2018-4410HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.1.
- CVE-2018-4411HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.
- CVE-2018-4412HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
- CVE-2018-4413MEDIUMCVSS 5.5EG 5.52019-04-03
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
- CVE-2018-4414HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
- CVE-2018-4415HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
- CVE-2018-4416HIGHCVSS 8.8EG 8.82019-04-03
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
- CVE-2018-4419HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
- CVE-2018-4420HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
- CVE-2018-4421HIGHCVSS 7.8EG 7.82019-04-03
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
- CVE-2018-4422HIGHCVSS 8.8EG 8.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
- CVE-2018-4424HIGHCVSS 7.8EG 7.82019-04-03
A buffer overflow was addressed with improved size validation. This issue affected versions prior to macOS Mojave 10.14.1.
- CVE-2018-4425HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
- CVE-2018-4426HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
- CVE-2018-4427HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Securi…
- CVE-2018-4437HIGHCVSS 8.8EG 8.82019-04-03
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
- CVE-2018-4438HIGHCVSS 8.8EG 8.82019-04-03
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Win…
- CVE-2018-4441HIGHCVSS 8.8EG 8.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
- CVE-2018-4442HIGHCVSS 8.8EG 8.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
- CVE-2018-4443HIGHCVSS 8.8EG 8.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
- CVE-2018-4447HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
- CVE-2018-4449HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.
- CVE-2018-4450HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.
- CVE-2018-4456HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.
- CVE-2018-4461HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
- CVE-2018-4463HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.
- CVE-2018-4464HIGHCVSS 8.8EG 8.82019-04-03
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
- CVE-2018-4465HIGHCVSS 7.8EG 7.82019-04-03
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
- CVE-2018-4928HIGHCVSS 7.8EG 7.82018-05-19
Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
- CVE-2018-4936MEDIUMCVSS 6.5EG 7.52018-05-19
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
- CVE-2018-4998HIGHCVSS 8.8EG 8.82018-07-09
Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have a Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context …
- CVE-2018-5034HIGHCVSS 8.8EG 8.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of t…
- CVE-2018-5037HIGHCVSS 8.8EG 8.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of t…
- CVE-2018-5043HIGHCVSS 8.8EG 8.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of t…
- CVE-2018-5089CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerabi…
- CVE-2018-5090CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox …
- CVE-2018-5093HIGHCVSS 7.5EG 7.52018-06-11
A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.
- CVE-2018-5094HIGHCVSS 7.5EG 7.52018-06-11
A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects F…
- CVE-2018-5125HIGHCVSS 8.8EG 8.82018-06-11
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerabi…
- CVE-2018-5126CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox 58. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox …
- CVE-2018-5127HIGHCVSS 8.8EG 8.82018-06-11
A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
- CVE-2018-5145CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ES…
- CVE-2018-5150CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c…
- CVE-2018-5151CRITICALCVSS 9.8EG 9.82018-06-11
Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox …
- CVE-2018-5177HIGHCVSS 7.5EG 7.52018-06-11
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →