Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-31 | CVE-2016-8698 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. | 7.8 |
| 2017-01-31 | CVE-2016-8686 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. | 7.8 |
| 2017-01-31 | CVE-2016-8685 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Potrace Project Potrace The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image. | 5.5 |
| 2017-01-30 | CVE-2015-2181 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Roundcube Webmail Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username. | 8.8 |
| 2017-01-30 | CVE-2016-2519 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NTP ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value. | 5.9 |
| 2017-01-30 | CVE-2015-7975 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NTP The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash). | 6.2 |
| 2017-01-28 | CVE-2017-5486 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tcpdump The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). | 9.8 |
| 2017-01-28 | CVE-2017-5485 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tcpdump The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). | 9.8 |
| 2017-01-28 | CVE-2017-5484 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tcpdump The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). | 9.8 |
| 2017-01-28 | CVE-2017-5483 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tcpdump The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). | 9.8 |