Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14741 | 1 Pbc Project | 1 Pbc | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbc_pattern_pack in pattern.c. | |||||
| CVE-2018-0678 | 1 Panasonic | 2 Bn-sdwbp3, Bn-sdwbp3 Firmware | 2024-02-04 | 5.2 MEDIUM | 6.8 MEDIUM |
| Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors. | |||||
| CVE-2018-20547 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-02-04 | 5.8 MEDIUM | 8.1 HIGH |
| There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. | |||||
| CVE-2018-18820 | 2 Debian, Xiph | 2 Debian Linux, Icecast | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
| A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution. | |||||
| CVE-2019-8996 | 1 Signiant | 1 Manager\+agents | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow. | |||||
| CVE-2018-12149 | 1 Intel | 1 Extreme Tuning Utility | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. | |||||
| CVE-2018-16419 | 1 Opensc Project | 1 Opensc | 2024-02-04 | 4.6 MEDIUM | 6.6 MEDIUM |
| Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-14802 | 1 Fujielectric | 7 Frenic-ace, Frenic-eco, Frenic-mega and 4 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly check user-supplied comments which may allow for arbitrary remote code execution. | |||||
| CVE-2017-2792 | 1 Marklogic | 1 Marklogic | 2024-02-04 | 6.8 MEDIUM | 9.6 CRITICAL |
| An exploitable heap corruption vulnerability exists in the iBldDirInfo functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious xls file to trigger this vulnerability. | |||||
| CVE-2018-19492 | 3 Debian, Gnuplot, Opensuse | 3 Debian Linux, Gnuplot, Leap | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend. | |||||
| CVE-2018-0651 | 1 Yokogawa | 8 Astplanner, Idefine For Prosafe-rs, Idefine For Prosafe-rs Firmware and 5 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers to stop the license management function or execute an arbitrary program via unspecified vectors. | |||||
| CVE-2018-3657 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
| Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. | |||||
| CVE-2018-16644 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image. | |||||
| CVE-2018-20359 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
| CVE-2018-17962 | 6 Canonical, Debian, Oracle and 3 more | 6 Ubuntu Linux, Debian Linux, Linux and 3 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | |||||
| CVE-2018-20248 | 1 Foxitsoftware | 1 Quick Pdf Library | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access. | |||||
| CVE-2018-11877 | 1 Qualcomm | 8 Sd 835, Sd 835 Firmware, Sd 845 and 5 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||||
| CVE-2018-12407 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64. | |||||
| CVE-2018-16713 | 1 Iobit | 1 Advanced Systemcare | 2024-02-04 | 6.8 MEDIUM | 6.5 MEDIUM |
| IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction. | |||||
| CVE-2018-18193 | 1 Linuxsampler | 1 Libgig | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is operator new[] failure (due to a big pWavePoolTable heap request) in DLS::File::File in DLS.cpp. | |||||