Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-21 | CVE-2015-5315 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. | 5.9 |
| 2018-02-21 | CVE-2015-5314 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. | 5.9 |
| 2018-02-20 | CVE-2017-6193 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apng Disassembler Project Apng Disassembler Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed image size descriptor in the IHDR chunk. | 5.5 |
| 2018-02-20 | CVE-2017-6192 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apng Disassembler Project Apng Disassembler Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor. | 5.5 |
| 2018-02-19 | CVE-2017-7376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. | 9.8 |
| 2018-02-19 | CVE-2012-0771 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759. | 8.8 |
| 2018-02-19 | CVE-2010-0109 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Altiris Deployment Solution DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request. | 6.5 |
| 2018-02-19 | CVE-2018-7247 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Leptonica An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. | 9.8 |
| 2018-02-19 | CVE-2018-5473 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GE D60 Line Distance Relay Firmware 7.11 An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. | 9.8 |
| 2018-02-19 | CVE-2018-5378 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. | 5.9 |