Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-01-09 | CVE-2015-7087 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 6.6 |
2016-01-09 | CVE-2015-7086 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 6.6 |
2016-01-09 | CVE-2015-7085 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7086, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117. | 6.6 |
2016-01-08 | CVE-2016-1131 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in DX Library Project DX Library 3.15E Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string. | 7.8 |
2016-01-06 | CVE-2015-6636 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670. | 9.8 |
2016-01-03 | CVE-2016-1283 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 9.8 |
2016-01-02 | CVE-2015-7422 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I Access 7.1 Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors. | 5.5 |
2016-01-02 | CVE-2015-2023 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I Access 7.1 Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors. | 8.8 |
2015-12-31 | CVE-2015-2895 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Idera Uptime Infrastructure Monitor 7.4 Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input. | 7.3 |
2015-12-28 | CVE-2015-8645 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8459, CVE-2015-8460, and CVE-2015-8636. | 8.8 |