CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,832 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 136 of 217
- CVE-2019-10193HIGHCVSS 7.2EG 7.22019-07-11
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Red…
- CVE-2019-10245HIGHCVSS 7.5EG 7.52019-04-19
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted c…
- CVE-2019-10502HIGHCVSS 7.8EG 7.82019-11-06
Possible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8…
- CVE-2019-10535MEDIUMCVSS 5.5EG 5.52019-11-21
Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Con…
- CVE-2019-10541CRITICALCVSS 9.8EG 9.82019-11-06
Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music…
- CVE-2019-10544HIGHCVSS 7.8EG 7.82019-12-18
Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdr…
- CVE-2019-10618MEDIUMCVSS 5.5EG 5.52019-12-12
Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390
- CVE-2019-10624HIGHCVSS 7.8EG 7.82020-04-16
While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Sna…
- CVE-2019-10626MEDIUMCVSS 5.5EG 5.52020-06-22
Payload size is not validated before reading memory that may cause issue of accessing invalid pointer or some garbage data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrag…
- CVE-2019-10627CRITICALCVSS 9.8EG 9.82019-11-21
Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prio…
- CVE-2019-10655CRITICALCVSS 9.8EG 9.82019-03-30
Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat …
- CVE-2019-10978HIGHCVSS 7.8EG 7.82019-09-23
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the design…
- CVE-2019-10993CRITICALCVSS 9.8EG 9.82019-06-28
In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulnerabilities may allow a remote attacker to execute arbitrary code.
- CVE-2019-11059CRITICALCVSS 9.8EG 9.82019-05-10
Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.
- CVE-2019-11113MEDIUMCVSS 4.4EG 4.42019-11-14
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2019-11126MEDIUMCVSS 6.7EG 6.72019-06-13
Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
- CVE-2019-11127MEDIUMCVSS 6.7EG 6.72019-06-13
Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
- CVE-2019-11182HIGHCVSS 7.5EG 7.52019-11-14
Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access.
- CVE-2019-11356CRITICALCVSS 9.8EG 9.82019-06-03
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
- CVE-2019-11360MEDIUMCVSS 4.2EG 4.22019-07-12
A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xsh…
- CVE-2019-11371CRITICALCVSS 9.8EG 9.82019-04-20
BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow via a long prefix that is mishandled in bns_fasta2bntseq and bns_dump at btnseq.c.
- CVE-2019-11395CRITICALCVSS 9.8EG 9.82019-04-22
A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR.
- CVE-2019-11400CRITICALCVSS 9.8EG 9.82019-12-18
An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter.
- CVE-2019-11412HIGHCVSS 7.5EG 7.52019-04-22
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
- CVE-2019-11417CRITICALCVSS 9.8EG 9.82019-04-22
system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused by an inadequate source-length check before a strcpy operation in the respondAsp function. Attackers can exploit the vulnerability by using the languse parameter with a…
- CVE-2019-11418CRITICALCVSS 9.8EG 9.82019-04-22
apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to the SOAPACTION:HNAP1 interface.
- CVE-2019-1145HIGHCVSS 8.8EG 8.82019-08-14
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker…
- CVE-2019-11467HIGHCVSS 7.5EG 7.52019-09-10
In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like \t, <, >, it caused buffer overrun as encoded string would be much larger than …
- CVE-2019-11493HIGHCVSS 7.8EG 7.82019-04-26
VeryPDF 4.1 has a Memory Overflow leading to Code Execution because pdfocx!CxImageTIF::operator in pdfocx.ocx (used by pdfeditor.exe and pdfcmd.exe) is mishandled.
- CVE-2019-11528HIGHCVSS 7.5EG 7.52019-10-10
An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable.
- CVE-2019-11560CRITICALCVSS 9.8EG 9.82019-05-07
A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models allows an unauthenticated attacker to remotely run arbitrary code by sending a special RTSP over HTTP packet. The vulnerability was found in man…
- CVE-2019-11577CRITICALCVSS 9.8EG 9.82019-04-28
dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses.
- CVE-2019-11579MEDIUMCVSS 5.3EG 5.32019-04-28
dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
- CVE-2019-11682CRITICALCVSS 9.8EG 9.82019-05-02
A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute arbitrary code remotely via a long HELP command, a related issue to CVE-2019-11395.
- CVE-2019-11693CRITICALCVSS 9.8EG 9.82019-07-23
The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs…
- CVE-2019-11703CRITICALCVSS 9.8EG 9.82019-07-23
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
- CVE-2019-11704CRITICALCVSS 9.8EG 9.82019-07-23
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60…
- CVE-2019-11709CRITICALCVSS 9.8EG 9.82019-07-23
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exp…
- CVE-2019-11710CRITICALCVSS 9.8EG 9.82019-07-23
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitra…
- CVE-2019-11729HIGHCVSS 7.5EG 7.52019-07-23
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
- CVE-2019-11740HIGHCVSS 8.8EG 8.82019-09-27
Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these…
- CVE-2019-11758HIGHCVSS 8.8EG 8.82020-01-08
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort tha…
- CVE-2019-11834CRITICALCVSS 9.8EG 9.82019-05-09
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
- CVE-2019-11835CRITICALCVSS 9.8EG 9.82019-05-09
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
- CVE-2019-11848MEDIUMCVSS 4.1EG 4.12020-08-21
An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values.
- CVE-2019-11873CRITICALCVSS 9.8EG 9.82019-05-23
wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length…
- CVE-2019-11925CRITICALCVSS 9.8EG 9.82019-09-06
Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9, all…
- CVE-2019-11926CRITICALCVSS 9.8EG 9.82019-09-06
Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9…
- CVE-2019-11929CRITICALCVSS 9.8EG 9.82019-10-02
Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4…
- CVE-2019-11933CRITICALCVSS 9.8EG 9.82019-10-23
A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service.
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →