Total
11970 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19978 | 1 Auerswald | 2 Comfortel 1200 Ip, Comfortel 1200 Ip Firmware | 2024-11-21 | 7.7 HIGH | 8.0 HIGH |
| A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device) to trigger remote code execution via a POST request (ManufacturerName parameter) to the web server on the device. The web server is running with root privileges and the injected code will also run with root privileges. | |||||
| CVE-2018-19891 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 10 case. | |||||
| CVE-2018-19890 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 2 case. | |||||
| CVE-2018-19889 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 6 case. | |||||
| CVE-2018-19888 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the HCB_ESC case. | |||||
| CVE-2018-19887 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 4 case. | |||||
| CVE-2018-19886 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 8 case. | |||||
| CVE-2018-19864 | 1 Nuuo | 1 Nvrmini2 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device. | |||||
| CVE-2018-19862 | 1 Minishare Project | 1 Minishare | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued. | |||||
| CVE-2018-19861 | 1 Minishare Project | 1 Minishare | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued. | |||||
| CVE-2018-19800 | 1 Aubio | 1 Aubio | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo. | |||||
| CVE-2018-19792 | 1 Litespeedtech | 1 Openlitespeed | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving ../ characters), which is mishandled in the LshttpdMain::getServerRootFromExecutablePath function. | |||||
| CVE-2018-19587 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c mg_mqtt_add_session() function. | |||||
| CVE-2018-19568 | 1 Dcraw Project | 1 Dcraw | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A floating point exception in kodak_radc_load_raw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. | |||||
| CVE-2018-19567 | 1 Dcraw Project | 1 Dcraw | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. | |||||
| CVE-2018-19528 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp. | |||||
| CVE-2018-19523 | 1 Driveagent | 1 Driveagent | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size. If the size of the buffer is less than 512 bytes, then the driver will overwrite the next pool header if there is one next to the user buffer's pool. | |||||
| CVE-2018-19492 | 3 Debian, Gnuplot, Opensuse | 3 Debian Linux, Gnuplot, Leap | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend. | |||||
| CVE-2018-19491 | 3 Debian, Gnuplot, Opensuse | 3 Debian Linux, Gnuplot, Leap | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend. | |||||
| CVE-2018-19459 | 1 Armcode | 1 Adult Filter | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file. | |||||