CWE · MITRE source
CWE-118Incorrect Access of Indexable Resource ('Range Error')
The product does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2014-9411 | 2.0 | 9.8 | 0.0011 | 2017-08-18 |
CVE-2015-2000 | 2.0 | 9.8 | 0.0109 | 2018-03-29 |
CVE-2015-2001 | 2.0 | 9.8 | 0.0109 | 2018-03-29 |
CVE-2015-2002 | 2.0 | 9.8 | 0.0109 | 2018-03-29 |
CVE-2015-2003 | 2.0 | 9.8 | 0.0109 | 2018-03-29 |
CVE-2015-2004 | 2.0 | 9.8 | 0.0109 | 2018-03-29 |
CVE-2015-9142 | 2.0 | 9.8 | 0.0021 | 2018-04-18 |
CVE-2016-10495 | 2.0 | 9.8 | 0.0021 | 2018-04-18 |
CVE-2017-5884 | 1.6 | 7.8 | 0.0046 | 2017-02-28 |
CVE-2018-7530 | 1.6 | 7.8 | 0.0006 | 2018-04-17 |
CVE-2020-3235 | 1.6 | 7.7 | 0.0029 | 2020-06-03 |
CVE-2020-3369 | 1.6 | 7.5 | 0.0116 | 2020-07-16 |
CVE-2023-37921 | 1.6 | 7.8 | 0.0007 | 2024-01-08 |
CVE-2023-37922 | 1.6 | 7.8 | 0.0007 | 2024-01-08 |
CVE-2023-37923 | 1.6 | 7.8 | 0.0007 | 2024-01-08 |
CVE-2024-43524 | 1.4 | 6.8 | 0.0050 | 2024-10-08 |
CVE-2017-10872 | 1.3 | 6.5 | 0.0068 | 2017-12-22 |
CVE-2022-36402 | 1.3 | 6.3 | 0.0005 | 2022-09-16 |
CVE-2022-38072 | 1.3 | 6.5 | 0.0060 | 2023-04-03 |
CVE-2023-0201 | 1.3 | 6.7 | 0.0013 | 2023-04-22 |
CVE-2025-48902 | 1.3 | 6.6 | 0.0003 | 2025-06-06 |
CVE-2017-0302 | 1.1 | 5.3 | 0.0031 | 2017-05-09 |
CVE-2019-6130 | 1.1 | 5.5 | 0.0019 | 2019-01-11 |
CVE-2025-54628 | 1.1 | 5.3 | 0.0006 | 2025-08-06 |