Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15363 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus \+ Security, Internet Security and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
|
|||||
| CVE-2018-15161 | 1 Libesedb Project | 1 Libesedb | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The libesedb_key_append_data function in libesedb_key.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments
|
|||||
| CVE-2018-15160 | 1 Libesedb Project | 1 Libesedb | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The libesedb_catalog_definition_read function in libesedb_catalog_definition.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments
|
|||||
| CVE-2018-15159 | 1 Libesedb Project | 1 Libesedb | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The libesedb_page_read_tags function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments
|
|||||
| CVE-2018-15158 | 1 Libesedb Project | 1 Libesedb | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The libesedb_page_read_values function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments
|
|||||
| CVE-2018-15157 | 1 Libfsclfs Project | 1 Libfsclfs | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file. NOTE: the vendor has disputed this as described in the GitHub issue comments
|
|||||
| CVE-2018-14938 | 2 Canonical, Digitalcorpora | 2 Ubuntu Linux, Tcpflow | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds read and may allow access to sensitive memory (or a denial of service).
|
|||||
| CVE-2018-14883 | 4 Canonical, Debian, Netapp and 1 more | 4 Ubuntu Linux, Debian Linux, Storage Automation Store and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
|
|||||
| CVE-2018-14880 | 7 Apple, Debian, F5 and 4 more | 23 Mac Os X, Debian Linux, Big-ip Access Policy Manager and 20 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
|
|||||
| CVE-2018-14851 | 4 Canonical, Debian, Netapp and 1 more | 4 Ubuntu Linux, Debian Linux, Storage Automation Store and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
|
|||||
| CVE-2018-14824 | 1 Deltaww | 1 Delta Industrial Automation Pmsoft | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Delta Electronics Delta Industrial Automation PMSoft v2.11 or prior has an out-of-bounds read vulnerability that can be executed when processing project files, which may allow an attacker to read confidential information.
|
|||||
| CVE-2018-14819 | 1 Fujielectric | 2 V-server, V-server Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified, which may allow remote code execution.
|
|||||
| CVE-2018-14814 | 1 We-con | 2 Pi Studio, Pi Studio Hmi | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object.
|
|||||
| CVE-2018-14800 | 1 Deltaww | 1 Ispsoft | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Delta Electronics ISPSoft version 3.0.5 and prior allow an attacker, by opening a crafted file, to cause the application to read past the boundary allocated to a stack object, which could allow execution of code under the context of the application.
|
|||||
| CVE-2018-14798 | 1 Fujielectric | 7 Frenic-ace, Frenic-eco, Frenic-mega and 4 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly parse FNC files that may allow for information disclosure.
|
|||||
| CVE-2018-14790 | 1 Fujielectric | 7 Frenic-ace, Frenic-eco, Frenic-mega and 4 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device.
|
|||||
| CVE-2018-14780 | 1 Yubico | 3 Piv Manager, Piv Tool, Smart Card Minidriver | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
|
An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `_ykpiv_fetch_object()`: {% highlight c %} if(sw == SW_SUCCESS) { size_t outlen; int offs = _ykpiv_get_length(data + 1, &outlen); if(offs == 0) { return YKPIV_SIZE_ERROR; } memmove(data, data + 1 + offs, outlen); *len = outlen; return YKPIV_OK; } else { return YKPIV_GENERIC_ERROR; } {% endhighlight %} -- in the end, a `memmove()` occurs with a leng ...
Show More |
|||||
| CVE-2018-14736 | 1 Pbc Project | 1 Pbc | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A buffer over-read can occur in pbc_wmessage_string in wmessage.c for PTYPE_ENUM.
|
|||||
| CVE-2018-14645 | 3 Canonical, Haproxy, Redhat | 5 Ubuntu Linux, Haproxy, Enterprise Linux and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.
|
|||||
| CVE-2018-14610 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
|
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.
|
|||||
| CVE-2018-14589 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.
|
|||||
| CVE-2018-14587 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.
|
|||||
| CVE-2018-14585 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.
|
|||||
| CVE-2018-14584 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.
|
|||||
| CVE-2018-14565 | 1 Thunlp | 1 Thulac | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.
|
|||||
| CVE-2018-14545 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
|
|||||
| CVE-2018-14544 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
|
|||||
| CVE-2018-14532 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846.
|
|||||
| CVE-2018-14523 | 3 Aubio, Opensuse, Suse | 3 Aubio, Leap, Linux Enterprise | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.
|
|||||
| CVE-2018-14498 | 5 Debian, Fedoraproject, Libjpeg-turbo and 2 more | 5 Debian Linux, Fedora, Libjpeg-turbo and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
|
|||||
| CVE-2018-14469 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
|
|||||
| CVE-2018-14466 | 6 Apple, Debian, Fedoraproject and 3 more | 6 Mac Os X, Debian Linux, Fedora and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
|
|||||
| CVE-2018-14464 | 6 Apple, Debian, Fedoraproject and 3 more | 6 Mac Os X, Debian Linux, Fedora and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
|
|||||
| CVE-2018-14463 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
|
|||||
| CVE-2018-14460 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
|
|||||
| CVE-2018-14454 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp.
|
|||||
| CVE-2018-14452 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp.
|
|||||
| CVE-2018-14450 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.
|
|||||
| CVE-2018-14449 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.
|
|||||
| CVE-2018-14447 | 2 Debian, Libconfuse Project | 2 Debian Linux, Libconfuse | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read.
|
|||||