Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer

DATE CVE VULNERABILITY TITLE RISK
2016-01-09 CVE-2015-7087 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
local
low complexity
apple CWE-119
6.6
2016-01-09 CVE-2015-7086 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
local
low complexity
apple CWE-119
6.6
2016-01-09 CVE-2015-7085 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117.
local
low complexity
apple CWE-119
6.6
2016-01-08 CVE-2016-1131 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in DX Library Project DX Library 3.15E
Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string.
local
low complexity
dx-library-project CWE-119
7.8
2016-01-06 CVE-2015-6636 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670.
network
low complexity
google CWE-119
critical
9.8
2016-01-03 CVE-2016-1283 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
network
low complexity
pcre php fedoraproject oracle CWE-119
critical
9.8
2016-01-02 CVE-2015-7422 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I Access 7.1
Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors.
local
low complexity
ibm CWE-119
5.5
2016-01-02 CVE-2015-2023 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I Access 7.1
Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors.
local
low complexity
ibm CWE-119
8.8
2015-12-31 CVE-2015-2895 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Idera Uptime Infrastructure Monitor 7.4
Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input.
network
low complexity
idera CWE-119
7.3
2015-12-28 CVE-2015-8645 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636.
network
low complexity
adobe CWE-119
8.8