Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3569 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
| A buffer over-read can occur during a fast initial link setup (FILS) connection in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | |||||
| CVE-2017-11639 | 1 Imagemagick | 1 Imagemagick | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h. | |||||
| CVE-2018-3579 | 1 Google | 1 Android | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
| In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read | |||||
| CVE-2017-11608 | 1 Libsass | 1 Libsass | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-11605 | 1 Libsass | 1 Libsass | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-2981 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-20712 | 1 Gnu | 1 Binutils | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt. | |||||
| CVE-2017-2980 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2979 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2978 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2977 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2976 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2975 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2974 | 1 Adobe | 1 Digital Editions | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-20409 | 1 Axiosys | 1 Bento4 | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls. | |||||
| CVE-2018-20201 | 1 Pur3 | 1 Espruino | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file. | |||||
| CVE-2017-11569 | 1 Fontforge | 1 Fontforge | 2019-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file. | |||||
| CVE-2018-20098 | 1 Exiv2 | 1 Exiv2 | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2018-20096 | 1 Exiv2 | 1 Exiv2 | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-11542 | 1 Tcpdump | 1 Tcpdump | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. | |||||