Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-31 | CVE-2017-16913 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet. | 5.9 |
| 2018-01-31 | CVE-2017-15655 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Asus Asuswrt Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. | 9.6 |
| 2018-01-31 | CVE-2018-5996 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive. | 7.8 |
| 2018-01-31 | CVE-2018-5701 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iolo System Shield 5.0.0.136 In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003. | 9.8 |
| 2018-01-30 | CVE-2014-4705 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2 access controllers allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. | 7.5 |
| 2018-01-29 | CVE-2018-6390 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in WPS Office 10.1.0.7106/10.2.0.5978 The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file. | 6.5 |
| 2018-01-29 | CVE-2018-6381 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data. | 6.5 |
| 2018-01-26 | CVE-2017-12379 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. | 9.8 |
| 2018-01-26 | CVE-2017-12376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. | 7.8 |
| 2018-01-26 | CVE-2017-12375 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |