CWE-119 · Improper Restriction of Operations within the Bounds of a Memory Buffer
13989 CVEs classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-2778 | Critical | 10.0 | 2026-02-24 | Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox… |
CVE-2026-2776 | Critical | 10.0 | 2026-02-24 | Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 1… |
CVE-2024-23616 | Critical | 10.0 | 2024-01-26 | A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability… |
CVE-2024-23615 | Critical | 10.0 | 2024-01-26 | A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to a… |
CVE-2024-23614 | Critical | 10.0 | 2024-01-26 | A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to ac… |
CVE-2024-23613 | Critical | 10.0 | 2024-01-26 | A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit… |
CVE-2022-27625 | Critical | 10.0 | 2022-10-20 | A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Ba… |
CVE-2022-27624 | Critical | 10.0 | 2022-10-20 | A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Ban… |
CVE-2021-21951 | Critical | 10.0 | 2021-12-08 | An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6… |
CVE-2021-21950 | Critical | 10.0 | 2021-12-08 | An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6… |
CVE-2020-11896 | Critical | 10.0 | 2020-06-17 | The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. |
CVE-2020-0796 | Critical | 10.0 | 2020-03-12 | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows S… |
CVE-2015-0565 | Critical | 10.0 | 2020-02-25 | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. |
CVE-2018-19417 | Critical | 10.0 | 2018-11-21 | An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length… |
CVE-2017-12087 | Critical | 10.0 | 2018-04-24 | An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an a… |
CVE-2017-16740 | Critical | 10.0 | 2018-01-09 | A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-… |
CVE-2017-10921 | Critical | 10.0 | 2017-07-05 | The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS… |
CVE-2017-10920 | Critical | 10.0 | 2017-07-05 | The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, whi… |
CVE-2017-3088 | Critical | 10.0 | 2017-06-20 | Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF runtime engine. Successful exploitation could… |
CVE-2017-2788 | Critical | 10.0 | 2017-03-10 | A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's c… |