Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-12 | CVE-2016-2857 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet. | 8.4 |
| 2016-04-12 | CVE-2016-1885 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd 10.1/10.2/9.3 Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow. | 6.2 |
| 2016-04-11 | CVE-2015-8710 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment. | 9.8 |
| 2016-04-11 | CVE-2015-8708 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Claws-Mail 3.13.1 Stack-based buffer overflow in the conv_euctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. | 7.3 |
| 2016-04-11 | CVE-2015-8614 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. | 7.3 |
| 2016-04-11 | CVE-2016-2385 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large SIP packet. | 9.8 |
| 2016-04-11 | CVE-2012-6700 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response. | 7.5 |
| 2016-04-11 | CVE-2012-6699 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response. | 7.5 |
| 2016-04-11 | CVE-2012-6698 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response. | 7.5 |
| 2016-04-08 | CVE-2016-2324 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow. | 9.8 |