Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer

DATE CVE VULNERABILITY TITLE RISK
2016-10-03 CVE-2016-8276 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products
Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication.
network
low complexity
huawei CWE-119
critical
9.8
2016-10-03 CVE-2016-1243 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
network
low complexity
debian unadf-project CWE-119
critical
9.8
2016-09-27 CVE-2016-7045 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.
network
low complexity
irssi debian canonical CWE-119
7.5
2016-09-27 CVE-2016-7044 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.
network
low complexity
irssi debian canonical CWE-119
7.5
2016-09-25 CVE-2016-4779 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.
local
low complexity
apple CWE-119
7.8
2016-09-25 CVE-2016-4775 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Tvos and Watchos
The kernel in Apple OS X before 10.12, tvOS before 10, and watchOS before 3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
local
low complexity
apple CWE-119
7.8
2016-09-25 CVE-2016-4769 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Itunes
WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4768 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4767 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8
2016-09-25 CVE-2016-4766 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768.
network
low complexity
apple CWE-119
8.8