CWE-119— Buffer Operations Within Bounds (Buffer Overflow)
10,593 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-119page 1 of 212
- CVE-1999-0002NONECVSS 0.0EG 0.01998-10-12
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
- CVE-1999-0027NONECVSS 0.0EG 0.01997-07-16
root privileges via buffer overflow in eject command on SGI IRIX systems.
- CVE-1999-0069HIGHCVSS 8.4EG 8.41998-04-29
Solaris ufsrestore buffer overflow.
- CVE-1999-0332NONECVSS 0.0EG 0.01998-12-01
Buffer overflow in NetMeeting allows denial of service and remote command execution.
- CVE-1999-0349NONECVSS 0.0EG 0.01999-01-27
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
- CVE-1999-0700NONECVSS 0.0EG 0.01999-07-29
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
- CVE-1999-0802NONECVSS 0.0EG 0.01999-05-27
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
- CVE-1999-0874NONECVSS 0.0EG 0.01999-06-16
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
- CVE-1999-0876NONECVSS 0.0EG 0.02000-01-04
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
- CVE-1999-0898NONECVSS 0.0EG 0.01999-11-04
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
- CVE-2000-1246NONECVSS 0.0EG 0.02010-04-05
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
- CVE-2001-0153NONECVSS 0.0EG 0.02001-05-03
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.
- CVE-2001-0576NONECVSS 0.0EG 0.02001-08-22
lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter.
- CVE-2001-0629NONECVSS 0.0EG 0.02001-08-14
HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter.
- CVE-2001-0775NONECVSS 0.0EG 0.02001-10-18
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
- CVE-2001-0803NONECVSS 0.0EG 0.02001-12-06
Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.
- CVE-2001-0819NONECVSS 0.0EG 0.02001-12-06
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.
- CVE-2001-1456NONECVSS 0.0EG 0.02001-09-04
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
- CVE-2001-1539NONECVSS 0.0EG 0.02001-12-31
Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not r…
- CVE-2001-1582NONECVSS 0.0EG 0.02001-12-31
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.
- CVE-2001-1587NONECVSS 0.0EG 0.02010-04-05
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
- CVE-2002-0053NONECVSS 0.0EG 0.02002-03-08
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candid…
- CVE-2002-0070NONECVSS 0.0EG 0.02002-03-15
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
- CVE-2002-0649NONECVSS 0.0EG 9.02002-08-12
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which …
- CVE-2002-0813NONECVSS 0.0EG 0.02002-08-12
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
- CVE-2002-1174NONECVSS 0.0EG 0.02002-10-11
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Receive…
- CVE-2002-1200NONECVSS 0.0EG 0.02002-10-28
Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote atta…
- CVE-2002-1222NONECVSS 0.0EG 0.02002-10-28
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
- CVE-2002-1357NONECVSS 0.0EG 0.02002-12-23
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SS…
- CVE-2002-1365NONECVSS 0.0EG 0.02002-12-23
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number …
- CVE-2002-1401NONECVSS 0.0EG 0.02003-01-17
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as…
- CVE-2002-2196NONECVSS 0.0EG 0.02002-12-31
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.
- CVE-2002-2226NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument.
- CVE-2002-2227NONECVSS 0.0EG 0.02002-12-31
Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.
- CVE-2002-2232NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command.
- CVE-2002-2248NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invo…
- CVE-2002-2250NONECVSS 0.0EG 0.02002-12-31
Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKV…
- CVE-2002-2251NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument.
- CVE-2002-2253NONECVSS 0.0EG 0.02002-12-31
Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow …
- CVE-2002-2257NONECVSS 0.0EG 0.02002-12-31
Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument.
- CVE-2002-2258NONECVSS 0.0EG 0.02002-12-31
Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi functi…
- CVE-2002-2259NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.
- CVE-2002-2268NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.
- CVE-2002-2271NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string.
- CVE-2002-2272NONECVSS 0.0EG 0.02002-12-31
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with inv…
- CVE-2002-2291NONECVSS 0.0EG 0.02002-12-31
Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow.
- CVE-2002-2294NONECVSS 0.0EG 0.02002-12-31
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (…
- CVE-2002-2295NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer o…
- CVE-2002-2300NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command.
- CVE-2002-2332NONECVSS 0.0EG 0.02002-12-31
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
Map vulnerabilities like CWE-119 to your infrastructure
EchelonGraph correlates every CVE — across CWE-119 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →