Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20310 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
|
|||||
| CVE-2018-20309 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
|
|||||
| CVE-2018-20305 | 2 D-link, Dlink | 2 Dir-816 A2 Firmware, Dir-816 A2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
|
|||||
| CVE-2018-20253 | 1 Rarlab | 1 Winrar | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||||
| CVE-2018-20252 | 1 Rarlab | 1 Winrar | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||||
| CVE-2018-20249 | 1 Foxitsoftware | 1 Quick Pdf Library | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
|
|||||
| CVE-2018-20248 | 1 Foxitsoftware | 1 Quick Pdf Library | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
|
|||||
| CVE-2018-20247 | 1 Foxitsoftware | 1 Quick Pdf Library | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow.
|
|||||
| CVE-2018-20230 | 1 Gnu | 1 Pspp | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
|
|||||
| CVE-2018-20197 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max > G case.
|
|||||
| CVE-2018-20196 | 2 Audiocoding, Debian | 2 Freeware Advanced Audio Decoder 2, Debian Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mishandled.
|
|||||
| CVE-2018-20194 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max <= G case.
|
|||||
| CVE-2018-20184 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
|
|||||
| CVE-2018-20181 | 2 Debian, Rdesktop | 2 Debian Linux, Rdesktop | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution.
|
|||||
| CVE-2018-20177 | 3 Debian, Opensuse, Rdesktop | 4 Debian Linux, Backports, Leap and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.
|
|||||
| CVE-2018-20056 | 2 D-link, Dlink | 4 Dir-605l Firmware, Dir-619l Firmware, Dir-605l and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter.
|
|||||
| CVE-2018-20020 | 3 Canonical, Debian, Libvnc Project | 3 Ubuntu Linux, Debian Linux, Libvncserver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
|
|||||
| CVE-2018-20019 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution
|
|||||
| CVE-2018-20004 | 3 Debian, Fedoraproject, Mini-xml Project | 3 Debian Linux, Fedora, Mini-xml | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml.
|
|||||
| CVE-2018-1936 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316.
|
|||||
| CVE-2018-1897 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-11-21 | 4.6 MEDIUM | 8.4 HIGH |
|
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 152462.
|
|||||
| CVE-2018-1636 | 1 Ibm | 1 Informix Dynamic Server | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144441.
|
|||||
| CVE-2018-1635 | 1 Ibm | 1 Informix Dynamic Server | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144439.
|
|||||
| CVE-2018-1459 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. IBM X-Force ID: 140210.
|
|||||
| CVE-2018-1232 | 1 Rsa | 1 Authentication Agent For Web | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation.
|
|||||
| CVE-2018-1176 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerabilit ...
Show More |
|||||
| CVE-2018-1171 | 2 Joyent, Oracle | 2 Smartos, Solaris | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage ...
Show More |
|||||
| CVE-2018-1165 | 2 Joyent, Oracle | 3 Smartos, Solaris, Zfs Storage Appliance | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker ca ...
Show More |
|||||
| CVE-2018-1156 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
|
|||||
| CVE-2018-1124 | 6 Canonical, Debian, Opensuse and 3 more | 9 Ubuntu Linux, Debian Linux, Leap and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.
|
|||||
| CVE-2018-1100 | 3 Canonical, Redhat, Zsh | 5 Ubuntu Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
|
|||||
| CVE-2018-1071 | 4 Canonical, Debian, Redhat and 1 more | 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
|
|||||
| CVE-2018-1068 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
|
|||||
| CVE-2018-1046 | 1 Powerdns | 1 Pdns | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used.
|
|||||
| CVE-2018-1023 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.
|
|||||
| CVE-2018-1022 | 1 Microsoft | 3 Chakracore, Edge, Internet Explorer | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
|
|||||
| CVE-2018-1020 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1018.
|
|||||
| CVE-2018-1019 | 1 Microsoft | 2 Edge, Windows 10 | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995.
|
|||||
| CVE-2018-1018 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-0997, CVE-2018-1020.
|
|||||
| CVE-2018-1004 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.
|
|||||