Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5601 | 1 Libarchive | 1 Libarchive | 2018-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. | |||||
| CVE-2015-8915 | 1 Libarchive | 1 Libarchive | 2018-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file. | |||||
| CVE-2018-16982 | 1 Byvoid | 1 Open Chinese Convert | 2018-11-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file. | |||||
| CVE-2018-16985 | 1 Lizard Project | 1 Lizard | 2018-11-27 | 5.0 MEDIUM | 7.5 HIGH |
| In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
| CVE-2017-16829 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
| CVE-2018-11285 | 1 Qualcomm | 64 Mdm9206, Mdm9206 Firmware, Mdm9607 and 61 more | 2018-11-23 | 9.3 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, while parsing FLAC file with corrupted picture block, a buffer over-read can occur. | |||||
| CVE-2018-18194 | 1 Linuxsampler | 1 Libgig | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample() in DLS.cpp. | |||||
| CVE-2018-18196 | 1 Linuxsampler | 1 Libgig | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in RIFF::List::GetListTypeString in RIFF.cpp. | |||||
| CVE-2018-12818 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12819 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12820 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12821 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12816 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-17292 | 1 Webassembly Virtual Machine Project | 1 Webassembly Virtual Machine | 2018-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than 4 bytes. | |||||
| CVE-2018-9502 | 1 Google | 1 Android | 2018-11-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111936792 | |||||
| CVE-2018-9503 | 1 Google | 1 Android | 2018-11-20 | 7.8 HIGH | 7.5 HIGH |
| In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-80432928 | |||||
| CVE-2018-9505 | 1 Google | 1 Android | 2018-11-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110791536 | |||||
| CVE-2018-9506 | 1 Google | 1 Android | 2018-11-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111803925 | |||||
| CVE-2018-9507 | 1 Google | 1 Android | 2018-11-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111893951 | |||||
| CVE-2018-9508 | 1 Google | 1 Android | 2018-11-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| In smp_process_keypress_notification of smp_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-111936834 | |||||