Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-13 | CVE-2016-3240 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11/9 Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3241 and CVE-2016-3242. | 7.5 |
| 2016-07-13 | CVE-2016-3204 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 10/11/9 The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | 8.8 |
| 2016-07-12 | CVE-2015-3192 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file. | 5.5 |
| 2016-07-12 | CVE-2016-5781 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wecon Levistudio Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. | 7.8 |
| 2016-07-12 | CVE-2016-5308 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Client Intrusion Detection System The Client Intrusion Detection System (CIDS) driver before 15.0.6 in Symantec Endpoint Protection (SEP) and before 15.1.2 in Norton Security allows remote attackers to cause a denial of service (memory corruption and system crash) via a malformed Portable Executable (PE) file. | 5.5 |
| 2016-07-12 | CVE-2016-4533 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wecon Levistudiou Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. | 7.8 |
| 2016-07-11 | CVE-2016-3758 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Multiple buffer overflows in libdex/OptInvocation.cpp in DexClassLoader in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides a long filename, aka internal bug 27840771. | 7.8 |
| 2016-07-11 | CVE-2016-3745 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Multiple buffer overflows in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides an AudioEffect reply, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28173666. | 9.8 |
| 2016-07-11 | CVE-2016-2508 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28799341. | 7.8 |
| 2016-07-11 | CVE-2016-2506 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate a certain offset value, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28175045. | 9.8 |