Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-21 | CVE-2016-5017 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Zookeeper Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string. | 8.1 |
| 2016-09-21 | CVE-2016-4302 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary. | 7.8 |
| 2016-09-21 | CVE-2016-4301 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libarchive Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file. | 7.8 |
| 2016-09-20 | CVE-2015-8929 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file. | 5.5 |
| 2016-09-20 | CVE-2015-8919 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. | 7.5 |
| 2016-09-20 | CVE-2015-8918 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy." | 7.5 |
| 2016-09-19 | CVE-2016-5814 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file. | 8.6 |
| 2016-09-18 | CVE-2016-4705 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704. | 7.8 |
| 2016-09-18 | CVE-2016-4704 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4705. | 7.8 |
| 2016-09-17 | CVE-2016-7418 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call. | 7.5 |