Total
11928 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10124 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. | |||||
| CVE-2018-10114 | 1 Gegl | 1 Gegl | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions on memory allocation in the ppm_load_read_header function in operations/external/ppm-load.c. | |||||
| CVE-2018-10113 | 1 Gegl | 1 Generic Graphics Library | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure. | |||||
| CVE-2018-10112 | 1 Gegl | 1 Gegl | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46. | |||||
| CVE-2018-10111 | 1 Gegl | 1 Gegl | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure. | |||||
| CVE-2018-10098 | 1 Escanav | 1 Escan Internet Security Suite | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD). | |||||
| CVE-2018-10088 | 1 Xiongmaitech | 1 Uc-httpd | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725. | |||||
| CVE-2018-10055 | 1 Google | 1 Tensorflow | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file. | |||||
| CVE-2018-10018 | 1 Gdata-software | 1 Total Security | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument. | |||||
| CVE-2018-1000886 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file. | |||||
| CVE-2018-1000880 | 4 Canonical, Fedoraproject, Libarchive and 1 more | 4 Ubuntu Linux, Fedora, Libarchive and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file. | |||||
| CVE-2018-1000804 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able to run malicious AQL code (e.g. via SQL-like Injection attack). | |||||
| CVE-2018-1000667 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. | |||||
| CVE-2018-1000663 | 1 Jsish | 1 Jsish | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. | |||||
| CVE-2018-1000657 | 1 Rust-lang | 1 Rust | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. This vulnerability appears to have been fixed in after commit fdfafb510b1a38f727e920dccbeeb638d39a8e60; stable release 1.22.0 and later. | |||||
| CVE-2018-1000637 | 2 Debian, Nongnu | 2 Debian Linux, Zutils | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in Potential denial of service or arbitrary code execution. This attack appear to be exploitable via the victim openning a crafted compressed file. This vulnerability appears to have been fixed in 1.8-pre2. | |||||
| CVE-2018-1000537 | 1 Marlinfw | 1 Marlin Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer. | |||||
| CVE-2018-1000223 | 1 Surina | 1 Soundtouch | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility. | |||||
| CVE-2018-1000221 | 1 Pkgconf | 1 Pkgconf | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote() that can result in dequote() function returns 1-byte allocation if initial length is 0, leading to buffer overflow. This attack appear to be exploitable via specially crafted .pc file. This vulnerability appears to have been fixed in 1.5.3. | |||||
| CVE-2018-1000199 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. | |||||