CWE-119: Buffer Overflow
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Yearly Trend
Top Affected Vendors
All Buffer Overflow CVEs (1,232)
This vulnerability allows local information disclosure on Android devices through an out-of-bounds read in the VendorGraphicBufferMeta initialization....
Mar 24, 2023An out-of-bounds read vulnerability in Open Babel's CIF file handler allows remote attackers to read memory beyond allocated buffers. This affects Ope...
Feb 19, 2026This CVE describes a memory handling vulnerability in Apple's WebKit browser engine that affects multiple Apple operating systems and Safari. Processi...
Feb 11, 2026This vulnerability in Tenda W18E routers allows remote attackers to trigger a stack-based buffer overflow by manipulating the Password parameter in th...
Apr 4, 2025This CVE describes a memory handling vulnerability in Apple's Safari browser and related operating systems. Processing malicious web content could cau...
Mar 31, 2025This vulnerability in Assimp's CSM file handler allows remote attackers to trigger an out-of-bounds read by manipulating the 'na' argument. This could...
Mar 25, 2025This CVE describes a stack-based buffer overflow vulnerability in quickjs-ng QuickJS JavaScript engine versions up to 0.8.0. The vulnerability in the ...
Mar 21, 2025A stack-based buffer overflow vulnerability exists in the TOTOLINK EX1800T router's web interface, specifically in the cgi-bin/cstecgi.cgi file when p...
Dec 9, 2024This GPU driver vulnerability allows non-privileged users to exploit improper GPU system calls, enabling the GPU hardware to write to arbitrary physic...
Jan 13, 2026A heap-based buffer overflow vulnerability exists in the SoLoud audio library's FLAC file parsing function. This allows local attackers to execute arb...
Mar 1, 2026CVE-2026-3391 is an out-of-bounds read vulnerability in the clear_storages function of FascinatedBox lily up to version 2.3. This flaw allows local at...
Mar 1, 2026This vulnerability allows local attackers to perform out-of-bounds read operations in FascinatedBox lily's error reporting component. The flaw could p...
Mar 1, 2026A memory corruption vulnerability exists in ChaiScript's Boxed_Number::get_as function that allows local attackers to potentially execute arbitrary co...
Mar 1, 2026A use-after-free vulnerability in CCExtractor's processmp4 function allows local attackers to potentially execute arbitrary code or cause denial of se...
Feb 21, 2026This CVE describes an out-of-bounds read vulnerability in the janet-lang Janet programming language's handleattr handler. Attackers with local access ...
Feb 21, 2026This vulnerability allows local attackers to perform out-of-bounds read attacks on FascinatedBox lily software up to version 2.3. The weakness in the ...
Feb 18, 2026This vulnerability in Squirrel (up to version 3.2) allows local attackers to trigger an out-of-bounds read via manipulation of the _target_stack argum...
Feb 18, 2026This CVE describes a memory corruption vulnerability in the lobster::Parser::ParseStatements function of the aardappel lobster library. Attackers with...
Feb 10, 2026CVE-2026-2258 is a memory corruption vulnerability in aardappel lobster's WaveFunctionCollapse function that allows local attackers to execute arbitra...
Feb 10, 2026An out-of-bounds read vulnerability exists in CCExtractor's MPEG-TS file parser affecting versions up to 183. This allows local attackers to read memo...
Feb 9, 2026A memory corruption vulnerability in AprilRobotics apriltag library versions up to 3.4.5 allows local attackers to potentially execute arbitrary code ...
Feb 9, 2026CVE-2026-2241 is an out-of-bounds read vulnerability in the os_strftime function of Janet programming language. This allows local attackers to read me...
Feb 9, 2026This vulnerability in janet-lang allows local attackers to perform out-of-bounds read operations via the janetc_if function. It affects janet versions...
Feb 9, 2026CVE-2026-2240 is an out-of-bounds read vulnerability in the janet programming language's compiler function janetc_pop_funcdef. This allows local attac...
Feb 9, 2026A stack-based buffer overflow vulnerability exists in llama.cpp's GBNF grammar handler. This allows local attackers to potentially execute arbitrary c...
Feb 6, 2026A memory corruption vulnerability in MicroPython's mp_import_all function allows local attackers to potentially execute arbitrary code or crash the in...
Feb 6, 2026This vulnerability in OpenColorIO allows local attackers to perform out-of-bounds read operations via manipulation of the ConvertToRegularExpression f...
Jan 11, 2026A double-free vulnerability exists in the nnn file manager up to version 5.1, specifically in the show_content_in_floating_window/run_cmd_as_plugin fu...
Nov 23, 2025This vulnerability allows an attacker with access to a guest virtual machine to exploit a memory buffer issue in PCIe Link, potentially causing a deni...
Feb 13, 2026This CVE describes a buffer overflow vulnerability in CardboardPowered's cardboard software, specifically in WorldImpl.java. Attackers could exploit t...
Jan 27, 2026This CVE describes a buffer overflow vulnerability in the miniUPnP library component of Gaijin Entertainment's DagorEngine game engine. Attackers coul...
Jan 27, 2026This CVE describes a buffer overflow vulnerability in the FAAD2 library component of anyRTC-RTMP-OpenSource, specifically in bits.C and syntax.C files...
Jan 27, 2026About Buffer Overflow (CWE-119)
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Our database tracks 1,232 CVEs classified as CWE-119, with 144 rated critical and 897 rated high severity. The average CVSS score for Buffer Overflow vulnerabilities is 8.0.
External reference: View CWE-119 on MITRE CWE →
Monitor Buffer Overflow Vulnerabilities
Get alerted when new Buffer Overflow CVEs affect your infrastructure.
Start Monitoring Free