Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer

DATE CVE VULNERABILITY TITLE RISK
2016-09-21 CVE-2016-7094 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
local
high complexity
xen CWE-119
4.1
2016-09-21 CVE-2016-6354 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.
network
low complexity
debian westes CWE-119
critical
9.8
2016-09-21 CVE-2016-5017 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Zookeeper
Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.
network
high complexity
apache CWE-119
8.1
2016-09-21 CVE-2016-4302 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
local
low complexity
redhat libarchive CWE-119
7.8
2016-09-21 CVE-2016-4301 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libarchive
Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.
local
low complexity
libarchive CWE-119
7.8
2016-09-20 CVE-2015-8929 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.
local
low complexity
suse libarchive CWE-119
5.5
2016-09-20 CVE-2015-8919 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.
network
low complexity
canonical libarchive novell CWE-119
7.5
2016-09-20 CVE-2015-8918 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."
network
low complexity
novell libarchive CWE-119
7.5
2016-09-19 CVE-2016-5814 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products
Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file.
local
low complexity
rockwellautomation CWE-119
8.6
2016-09-18 CVE-2016-4705 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode
otool in Apple Xcode before 8 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via unspecified vectors, a different vulnerability than CVE-2016-4704.
local
low complexity
apple CWE-119
7.8