Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16782 | 1 Entropymine | 1 Imageworsener | 2018-11-14 | 6.8 MEDIUM | 8.8 HIGH |
| libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c. | |||||
| CVE-2017-1000257 | 2 Debian, Haxx | 2 Debian Linux, Libcurl | 2018-11-13 | 6.4 MEDIUM | 9.1 CRITICAL |
| An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded. | |||||
| CVE-2017-1000101 | 1 Haxx | 1 Curl | 2018-11-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`. | |||||
| CVE-2018-11265 | 1 Google | 1 Android | 2018-11-09 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possible buffer overflow while incrementing the log_buf of type uint64_t in memcpy function, since the log_buf pointer can access the memory beyond the size to store the data after pointer increment. | |||||
| CVE-2018-11274 | 1 Google | 1 Android | 2018-11-09 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow may occur when payload size is extremely large. | |||||
| CVE-2018-11298 | 1 Google | 1 Android | 2018-11-09 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing SET_PASSPOINT_LIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. This may lead to buffer overflow as strlen is used to get realm string length to construct the PASSPOINT WMA command. | |||||
| CVE-2018-11893 | 1 Google | 1 Android | 2018-11-09 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing vendor scan request, when input argument - length of request IEs is greater than maximum can lead to a buffer overflow. | |||||
| CVE-2018-11836 | 1 Google | 1 Android | 2018-11-09 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check can lead to out-of-bounds access in WLAN function. | |||||
| CVE-2018-11842 | 1 Google | 1 Android | 2018-11-09 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated. | |||||
| CVE-2018-11863 | 1 Google | 1 Android | 2018-11-09 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy. | |||||
| CVE-2018-17076 | 1 Logological | 1 General-purpose Preprocessor | 2018-11-08 | 6.8 MEDIUM | 8.8 HIGH |
| GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file. | |||||
| CVE-2009-1633 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2018-11-08 | 7.1 HIGH | N/A |
| Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. | |||||
| CVE-2009-0193 | 1 Adobe | 1 Acrobat Reader | 2018-11-08 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062. | |||||
| CVE-2018-3573 | 1 Google | 1 Android | 2018-11-08 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while relocating kernel images with a specially crafted boot image, an out of bounds access can occur. | |||||
| CVE-2018-5905 | 1 Google | 1 Android | 2018-11-08 | 4.4 MEDIUM | 7.0 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access. | |||||
| CVE-2018-15897 | 1 Website Seller Script Project | 1 Website Seller Script | 2018-11-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn. | |||||
| CVE-2017-15396 | 4 Debian, Google, Icu-project and 1 more | 6 Debian Linux, Chrome, International Components For Unicode and 3 more | 2018-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-12149 | 1 Intel | 1 Extreme Tuning Utility | 2018-11-07 | 2.1 LOW | 5.5 MEDIUM |
| Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. | |||||
| CVE-2017-15398 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. | |||||
| CVE-2018-12150 | 1 Intel | 1 Extreme Tuning Utility | 2018-11-07 | 4.6 MEDIUM | 6.7 MEDIUM |
| Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access. | |||||