Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer

DATE CVE VULNERABILITY TITLE RISK
2016-08-09 CVE-2016-3318 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Office 2007/2010/2013
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted file, aka "Graphics Component Memory Corruption Vulnerability."
local
low complexity
microsoft CWE-119
7.8
2016-08-09 CVE-2016-3317 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word for Mac 2011, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
local
low complexity
microsoft CWE-119
7.8
2016-08-09 CVE-2016-3316 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Word and Word for mac
Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
local
low complexity
microsoft CWE-119
7.8
2016-08-09 CVE-2016-3313 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Office, Word for mac and Word Viewer
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
local
low complexity
microsoft CWE-119
7.8
2016-08-09 CVE-2016-3296 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
network
high complexity
microsoft CWE-119
7.5
2016-08-09 CVE-2016-3293 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability."
network
high complexity
microsoft CWE-119
7.5
2016-08-09 CVE-2016-3290 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3288.
network
high complexity
microsoft CWE-119
7.5
2016-08-09 CVE-2016-3289 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.
network
high complexity
microsoft CWE-119
7.5
2016-08-09 CVE-2016-3288 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3290.
network
high complexity
microsoft CWE-119
7.5
2016-08-07 CVE-2016-2063 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Stack-based buffer overflow in the supply_lm_input_write function in drivers/thermal/supply_lm_core.c in the MSM Thermal driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted application that sends a large amount of data through the debugfs interface.
local
low complexity
linux CWE-119
7.8