Total
7059 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14449 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp. | |||||
| CVE-2018-14447 | 2 Debian, Libconfuse Project | 2 Debian Linux, Libconfuse | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read. | |||||
| CVE-2018-14444 | 1 Libdxfrw Project | 1 Libdxfrw | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash. | |||||
| CVE-2018-14401 | 1 Axml Parser Project | 1 Axml Parser | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read. | |||||
| CVE-2018-14370 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read. | |||||
| CVE-2018-14344 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read. | |||||
| CVE-2018-14340 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. | |||||
| CVE-2018-14316 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6351. | |||||
| CVE-2018-14289 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-6221. | |||||
| CVE-2018-14046 | 1 Exiv2 | 1 Exiv2 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. | |||||
| CVE-2018-14035 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c. | |||||
| CVE-2018-14034 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c. | |||||
| CVE-2018-14033 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. | |||||
| CVE-2018-14031 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c. | |||||
| CVE-2018-14017 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .class file because of missing input validation in r_bin_java_line_number_table_attr_new. | |||||
| CVE-2018-14016 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file. | |||||
| CVE-2018-13996 | 1 Codeplea | 1 Genann | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. | |||||
| CVE-2018-13988 | 4 Canonical, Debian, Freedesktop and 1 more | 8 Ubuntu Linux, Debian Linux, Poppler and 5 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. | |||||
| CVE-2018-13911 | 1 Qualcomm | 92 Mdm9150, Mdm9150 Firmware, Mdm9206 and 89 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2018-13910 | 1 Qualcomm | 50 Ipq8074, Ipq8074 Firmware, Mdm9206 and 47 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, Snapdragon_High_Med_2016 | |||||