Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-23 | CVE-2017-13140 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT. | 6.5 |
| 2017-08-22 | CVE-2017-12787 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noviflow Noviware 400.2.6 A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. | 9.8 |
| 2017-08-22 | CVE-2017-12786 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noviflow Noviware 400.2.6 Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. | 9.8 |
| 2017-08-22 | CVE-2017-12785 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noviflow Noviware 400.2.6 The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. | 9.8 |
| 2017-08-22 | CVE-2017-13064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | 6.5 |
| 2017-08-22 | CVE-2017-13063 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | 6.5 |
| 2017-08-21 | CVE-2017-12983 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.68 Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 8.8 |
| 2017-08-21 | CVE-2017-12982 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_alloc_n function in opj_malloc.c. | 5.5 |
| 2017-08-20 | CVE-2017-12966 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Asn1C Project Asn1C 0.9.28 The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file. | 6.5 |
| 2017-08-19 | CVE-2017-11323 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename. | 7.8 |