CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.— MITRE CWE catalog
10,834 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 137 of 217
- CVE-2019-11983HIGHCVSS 7.0EG 7.02019-06-05
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
- CVE-2019-12044HIGHCVSS 7.5EG 7.52019-05-22
A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before…
- CVE-2019-1214HIGHCVSS 7.8EG 9.0⚠ KEV2019-09-11
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
- CVE-2019-12221MEDIUMCVSS 6.5EG 6.52019-05-20
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
- CVE-2019-12223HIGHCVSS 7.5EG 7.52019-09-05
An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a long username in excess of 117 characters. The us…
- CVE-2019-12255CRITICALCVSS 9.8EG 9.82019-08-09
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
- CVE-2019-12260CRITICALCVSS 9.8EG 9.82019-08-09
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
- CVE-2019-12261CRITICALCVSS 9.8EG 9.82019-08-09
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
- CVE-2019-12263HIGHCVSS 8.1EG 8.12019-08-09
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
- CVE-2019-12325HIGHCVSS 8.8EG 8.82019-07-22
The Htek UC902 VoIP phone web management interface contains several buffer overflow vulnerabilities in the firmware version 2.0.4.4.46, which allow an attacker to crash the device (DoS) without authentication or execute code (authenticated…
- CVE-2019-12525CRITICALCVSS 9.8EG 9.82019-07-11
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid …
- CVE-2019-12673HIGHCVSS 7.5EG 7.52019-10-02
A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an aff…
- CVE-2019-12687HIGHCVSS 8.8EG 8.82019-10-02
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An a…
- CVE-2019-12688HIGHCVSS 8.8EG 8.82019-10-02
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An a…
- CVE-2019-12788HIGHCVSS 7.8EG 7.82019-06-10
An issue was discovered in Photodex ProShow Producer v9.0.3797 (an application that runs with Administrator privileges). It is possible to perform a buffer overflow via a crafted file.
- CVE-2019-12802HIGHCVSS 7.8EG 7.82019-06-13
In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory …
- CVE-2019-12806HIGHCVSS 8.8EG 8.82019-08-13
UniSign 2.0.4.0 and earlier version contains a stack-based buffer overflow vulnerability which can overwrite the stack with arbitrary data, due to a buffer overflow in a library. That leads remote attacker to execute arbitrary code via cra…
- CVE-2019-12807HIGHCVSS 7.8EG 7.82019-08-13
Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive …
- CVE-2019-12817HIGHCVSS 7.0EG 7.02019-06-25
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a su…
- CVE-2019-12822HIGHCVSS 7.5EG 7.52019-06-14
In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself.
- CVE-2019-12827MEDIUMCVSS 6.5EG 6.52019-07-12
Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.
- CVE-2019-12829HIGHCVSS 7.5EG 7.52019-06-15
radare2 through 3.5.1 mishandles the RParse API, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, as demonstrated by newstr buffer overflows during replace operations…
- CVE-2019-12854HIGHCVSS 7.5EG 7.52019-08-15
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service fo…
- CVE-2019-12893HIGHCVSS 7.5EG 7.52019-06-19
Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewer!PerfgrapFinalize+0x00000000000a8868.
- CVE-2019-12895HIGHCVSS 7.5EG 7.52019-06-19
In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d.
- CVE-2019-12898CRITICALCVSS 9.8EG 9.82019-06-19
Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e.
- CVE-2019-12899CRITICALCVSS 9.8EG 9.82019-06-19
Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at ntdll!RtlQueueWorkItem+0x00000000000005e3.
- CVE-2019-12937HIGHCVSS 7.8EG 7.82019-06-23
apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable.
- CVE-2019-12968MEDIUMCVSS 5.3EG 5.32019-06-26
A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive) distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a …
- CVE-2019-12981HIGHCVSS 8.8EG 8.82019-06-26
Ming (aka libming) 0.4.8 has an "fill overflow" vulnerability in the function SWFShape_setLeftFillStyle in blocks/shape.c.
- CVE-2019-12982MEDIUMCVSS 6.5EG 6.52019-06-26
Ming (aka libming) 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SWF file.
- CVE-2019-13217HIGHCVSS 7.8EG 7.82019-08-15
A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.
- CVE-2019-13242HIGHCVSS 7.8EG 7.82019-07-04
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x0000000000013a98.
- CVE-2019-13243HIGHCVSS 7.8EG 7.82019-07-04
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00000000000249c6.
- CVE-2019-13244HIGHCVSS 7.8EG 7.82019-07-04
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x0000000000002d7d.
- CVE-2019-13245HIGHCVSS 7.8EG 7.82019-07-04
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a95b1.
- CVE-2019-13246HIGHCVSS 7.8EG 7.82019-07-04
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a9601.
- CVE-2019-13247HIGHCVSS 7.8EG 7.82019-07-04
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000024ed.
- CVE-2019-13248HIGHCVSS 7.8EG 7.82019-07-04
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x0000000000002450.
- CVE-2019-13249HIGHCVSS 7.8EG 7.82019-07-04
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9e7a.
- CVE-2019-13250HIGHCVSS 7.8EG 7.82019-07-04
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9c2f.
- CVE-2019-13251HIGHCVSS 7.8EG 7.82019-07-04
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000c47ff.
- CVE-2019-13252HIGHCVSS 7.8EG 7.82019-07-04
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000001172b0.
- CVE-2019-13253HIGHCVSS 7.8EG 7.82019-07-04
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000385474.
- CVE-2019-13254HIGHCVSS 7.8EG 7.82019-07-04
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e808.
- CVE-2019-13255HIGHCVSS 7.8EG 7.82019-07-04
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327464.
- CVE-2019-13451CRITICALCVSS 9.8EG 9.82019-08-27
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
- CVE-2019-13452CRITICALCVSS 9.8EG 9.82019-08-27
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
- CVE-2019-13484CRITICALCVSS 9.8EG 9.82019-08-27
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c.
- CVE-2019-13508CRITICALCVSS 9.8EG 9.82019-10-31
FreeTDS through 1.1.11 has a Buffer Overflow.
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →