Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-15 | CVE-2018-11095 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | 8.8 |
| 2018-05-14 | CVE-2018-11033 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xpdfreader Xpdf 4.00 The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data. | 7.8 |
| 2018-05-13 | CVE-2018-11017 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | 8.8 |
| 2018-05-12 | CVE-2018-10996 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dir-629-B Firmware The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. | 9.8 |
| 2018-05-10 | CVE-2018-10655 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Devicelock Plug and Play Auditor 5.72 DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH). | 7.8 |
| 2018-05-10 | CVE-2017-6289 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. | 7.8 |
| 2018-05-10 | CVE-2018-8061 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hwinfo Amd64 Kernel Driver 8.98 HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write. | 7.1 |
| 2018-05-10 | CVE-2018-10958 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | 6.5 |
| 2018-05-09 | CVE-2018-8151 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Exchange Server 2010/2013/2016 An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. | 4.3 |
| 2018-05-09 | CVE-2018-10940 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. | 5.5 |