Memory-Corruption
Buffer Overflow — When Memory Boundaries Are Exceeded
A buffer overflow is a memory corruption vulnerability that occurs when data written to a buffer exceeds its allocated memory boundary, potentially allowing attackers to overwrite adjacent memory and execute arbitrary code. This SECMONS glossary entry explains how buffer overflows occur, their impact, and how defenders should interpret related CVEs.
CWE (Common Weakness Enumeration) — Root Cause Classification Behind Vulnerabilities
CWE (Common Weakness Enumeration) is the standardized taxonomy used to classify software and hardware weakness types such as use-after-free, buffer overflow, and security feature bypass. This SECMONS glossary entry explains what CWE represents, how it differs from CVE and CVSS, and how defenders use CWE to understand exploitation patterns and prioritize remediation.
Memory Corruption — How Low-Level Memory Bugs Lead to Crashes, Exploits, and Code Execution
Memory corruption refers to vulnerabilities that allow unintended modification of a program’s memory. This SECMONS glossary entry explains how memory corruption occurs, common weakness types such as use-after-free and buffer overflows, how attackers exploit them, and why memory corruption often leads to remote code execution.
Out-of-Bounds Read (CWE-125) — Reading Memory Beyond Intended Limits
An out-of-bounds read occurs when a program reads data outside the boundaries of an allocated memory buffer. This SECMONS glossary entry explains how out-of-bounds reads happen, their security impact, and how they relate to memory corruption and data exposure vulnerabilities.
Remote Code Execution (RCE) — What It Means and Why It’s One of the Most Dangerous Vulnerability Impacts
Remote Code Execution (RCE) allows an attacker to execute arbitrary code on a target system from a remote location. This SECMONS glossary entry explains how RCE occurs, how it differs from other impacts, how it is typically exploited, and why RCE-class vulnerabilities demand immediate attention.
Use-After-Free (CWE-416) — How Memory Lifecycle Bugs Lead to Code Execution
Use-After-Free (CWE-416) is a memory corruption vulnerability class where a program continues to use memory after it has been freed. This SECMONS glossary entry explains how use-after-free bugs occur, why they are dangerous, how they are exploited, and how defenders should interpret related CVEs.