Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-18 | CVE-2014-10052 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used. | 9.8 |
| 2018-04-18 | CVE-2014-10045 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 820, and SDX20, buffer overflow vulnerability exist in Sahara boot when program header are parsing. | 9.8 |
| 2018-04-18 | CVE-2014-10043 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side. | 7.5 |
| 2018-04-17 | CVE-2017-9638 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52 Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. | 9.8 |
| 2018-04-17 | CVE-2017-9636 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52 Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. | 9.8 |
| 2018-04-16 | CVE-2018-10124 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. | 5.5 |
| 2018-04-16 | CVE-2018-10114 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl An issue was discovered in GEGL through 0.3.32. | 8.8 |
| 2018-04-16 | CVE-2018-10113 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl Generic Graphics Library An issue was discovered in GEGL through 0.3.32. | 7.5 |
| 2018-04-16 | CVE-2018-10112 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl An issue was discovered in GEGL through 0.3.32. | 8.8 |
| 2018-04-16 | CVE-2018-10111 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl An issue was discovered in GEGL through 0.3.32. | 7.5 |