Total
8120 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-15908 | 4 Artifex, Canonical, Debian and 1 more | 8 Ghostscript, Ubuntu Linux, Debian Linux and 5 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. | |||||
CVE-2019-3822 | 7 Canonical, Debian, Haxx and 4 more | 16 Ubuntu Linux, Debian Linux, Libcurl and 13 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header. | |||||
CVE-2018-6098 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |||||
CVE-2018-10906 | 3 Debian, Fuse Project, Redhat | 5 Debian Linux, Fuse, Enterprise Linux Desktop and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects. | |||||
CVE-2018-6041 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-02-04 | 4.3 MEDIUM | 4.3 MEDIUM |
Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
CVE-2018-16837 | 3 Debian, Redhat, Suse | 5 Debian Linux, Ansible Engine, Ansible Tower and 2 more | 2024-02-04 | 2.1 LOW | 7.8 HIGH |
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list. | |||||
CVE-2018-20549 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. | |||||
CVE-2018-6035 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension. | |||||
CVE-2019-1999 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Android | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196. | |||||
CVE-2019-7653 | 3 Canonical, Debian, Rdflib Project | 3 Ubuntu Linux, Debian Linux, Rdflib | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory. | |||||
CVE-2018-8793 | 3 Debian, Opensuse, Rdesktop | 3 Debian Linux, Leap, Rdesktop | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution. | |||||
CVE-2018-20544 | 3 Canonical, Debian, Libcaca Project | 3 Ubuntu Linux, Debian Linux, Libcaca | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19. | |||||
CVE-2018-14357 | 5 Canonical, Debian, Mutt and 2 more | 10 Ubuntu Linux, Debian Linux, Mutt and 7 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription. | |||||
CVE-2018-6147 | 4 Apple, Debian, Google and 1 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process. | |||||
CVE-2019-7638 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. | |||||
CVE-2018-19628 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error. | |||||
CVE-2018-18312 | 5 Canonical, Debian, Netapp and 2 more | 8 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 5 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
CVE-2018-16430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. | |||||
CVE-2018-6037 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page. | |||||
CVE-2018-18873 | 4 Canonical, Debian, Jasper Project and 1 more | 5 Ubuntu Linux, Debian Linux, Jasper and 2 more | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c. |