Total
12111 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14799 | 1 Philips | 10 Pagewriter Tc10, Pagewriter Tc10 Firmware, Pagewriter Tc20 and 7 more | 2024-02-04 | 4.6 MEDIUM | 3.7 LOW |
| In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities. | |||||
| CVE-2018-16745 | 1 Mgetty Project | 1 Mgetty | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it. | |||||
| CVE-2018-13888 | 1 Qualcomm | 64 Mdm9206, Mdm9206 Firmware, Mdm9607 and 61 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| There is potential for memory corruption in the RIL daemon due to de reference of memory outside the allocated array length in RIL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in versions MDM9206, MDM9607, MDM9635M, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, ZZ_QCS605. | |||||
| CVE-2018-14948 | 1 Sound Project | 1 Sound | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| An issue has been found in dilawar sound through 2017-11-27. The end of openWavFile in wav-file.cc has Mismatched Memory Management Routines (operator new [] versus operator delete). | |||||
| CVE-2017-15398 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. | |||||
| CVE-2017-1084 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written process could be cause a stack overflow. | |||||
| CVE-2018-4147 | 2 Apple, Microsoft | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-02-04 | 6.8 MEDIUM | 9.8 CRITICAL |
| In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. | |||||
| CVE-2018-3925 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-02-04 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely parses the AWSELB cookie while communicating with remote video-host servers, leading to a buffer overflow on the heap. An attacker able to impersonate the remote HTTP servers could trigger this vulnerability. | |||||
| CVE-2018-10637 | 1 Fujielectric | 1 V-server | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted project file may cause a buffer overflow, which may allow the attacker to execute arbitrary code that affects Fuji Electric V-Server Lite 4.0.3.0 and prior. | |||||
| CVE-2018-14749 | 1 Qnap | 1 Qts | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS. | |||||
| CVE-2018-3984 | 1 Atlantiswordprocessor | 1 Atlantis Word Processor | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable uninitialized length vulnerability exists within the Word document-parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can cause Atlantis to skip initializing a value representing the number of columns of a table. Later, the application will use this as a length within a loop that will write to a pointer on the heap. Due to this value being controlled, a buffer overflow will occur, which can lead to code execution under the context of the application. An attacker must convince a victim to open a document in order to trigger this vulnerability. | |||||
| CVE-2018-14015 | 1 Radare | 1 Radare2 | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c. | |||||
| CVE-2018-19567 | 1 Dcraw Project | 1 Dcraw | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. | |||||
| CVE-2018-18861 | 1 Pcman Ftp Server Project | 1 Pcman Ftp Server | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command. | |||||
| CVE-2018-15172 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header. | |||||
| CVE-2009-5153 | 1 Microfocus | 1 Netware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted. | |||||
| CVE-2017-14447 | 1 Insteon | 2 Hub, Hub Firmware | 2024-02-04 | 5.5 MEDIUM | 7.7 HIGH |
| An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2016-9603 | 4 Citrix, Debian, Qemu and 1 more | 9 Xenserver, Debian Linux, Qemu and 6 more | 2024-02-04 | 9.0 HIGH | 9.9 CRITICAL |
| A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. | |||||
| CVE-2018-14779 | 1 Yubico | 3 Piv Manager, Piv Tool, Smart Card Minidriver | 2024-02-04 | 7.2 HIGH | 6.8 MEDIUM |
| A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) { fprintf(stderr, "Output buffer to small, wanted to write %lu, max was %lu.", *out_len + recv_len - 2, max_out); } if(out_data) { memcpy(out_data, data, recv_len - 2); out_data += recv_len - 2; *out_len += recv_len - 2; } {% endhighlight %} -- it is clearly checked whether the buffer is big enough to hold the data copied using `memcpy()`, but no error handling happens to avoid the `memcpy()` in such cases. This code path can be triggered with malicious data coming from a smartcard. | |||||
| CVE-2018-11871 | 1 Qualcomm | 98 Ipq4019, Ipq4019 Firmware, Ipq8064 and 95 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016. | |||||