Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-22 | CVE-2017-15801 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43 XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e." | 7.8 |
| 2017-10-20 | CVE-2017-15670 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | 9.8 |
| 2017-10-19 | CVE-2017-15650 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Musl-Libc Musl musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query. | 7.5 |
| 2017-10-19 | CVE-2015-4422 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate 7 Firmware The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users with root permissions to gain privileges or cause a denial of service (memory corruption) via a crafted application. | 7.0 |
| 2017-10-19 | CVE-2015-4421 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate 7 Firmware The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users to gain privileges or cause a denial of service (memory corruption) via an unspecified input. | 7.5 |
| 2017-10-19 | CVE-2017-12260 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. | 7.5 |
| 2017-10-19 | CVE-2017-12259 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Small Business IP Phone Firmware 7.6.2 A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. | 7.5 |
| 2017-10-18 | CVE-2017-15601 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libextractor 1.4 In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup. | 7.5 |
| 2017-10-18 | CVE-2017-8022 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in EMC Networker An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). | 8.1 |
| 2017-10-18 | CVE-2011-5320 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. | 6.2 |