Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11731 | 1 Libfsntfs Project | 1 Libfsntfs | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The libfsntfs_mft_entry_read_attributes function in libfsntfs_mft_entry.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs issue 8 on GitHub. | |||||
| CVE-2018-11723 | 1 Libpff Project | 1 Libpff | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The libpff_name_to_id_map_entry_read function in libpff_name_to_id_map.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub. | |||||
| CVE-2018-11728 | 1 Libfsntfs Project | 1 Libfsntfs | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The libfsntfs_reparse_point_values_read_data function in libfsntfs_reparse_point_values.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs issue 8 on GitHub. | |||||
| CVE-2018-11729 | 1 Libfsntfs Project | 1 Libfsntfs | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The libfsntfs_mft_entry_read_header function in libfsntfs_mft_entry.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs issue 8 on GitHub. | |||||
| CVE-2018-12097 | 1 Liblnk Project | 1 Liblnk | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The liblnk_location_information_read_data function in liblnk_location_information.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub. | |||||
| CVE-2018-12098 | 1 Liblnk Project | 1 Liblnk | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub. | |||||
| CVE-2018-12096 | 1 Liblnk Project | 1 Liblnk | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The liblnk_data_string_get_utf8_string_size function in liblnk_data_string.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub. | |||||
| CVE-2018-11727 | 1 Libfsntfs Project | 1 Libfsntfs | 2018-08-31 | 1.9 LOW | 5.5 MEDIUM |
| ** DISPUTED ** The libfsntfs_attribute_read_from_mft function in libfsntfs_attribute.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs issue 8 on GitHub. | |||||
| CVE-2018-4999 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2018-08-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-5886 | 1 Google | 1 Android | 2018-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| A pointer in an ADSPRPC command is not properly validated in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), which can lead to kernel memory being accessed. | |||||
| CVE-2018-1093 | 1 Linux | 1 Linux Kernel | 2018-08-29 | 7.1 HIGH | 5.5 MEDIUM |
| The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers. | |||||
| CVE-2018-13867 | 1 Hdfgroup | 1 Hdf5 | 2018-08-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c. | |||||
| CVE-2017-18159 | 1 Google | 1 Android | 2018-08-28 | 7.2 HIGH | 7.8 HIGH |
| In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur. | |||||
| CVE-2018-5895 | 1 Google | 1 Android | 2018-08-27 | 2.1 LOW | 5.5 MEDIUM |
| Buffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | |||||
| CVE-2018-5896 | 1 Google | 1 Android | 2018-08-27 | 6.6 MEDIUM | 7.1 HIGH |
| In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied. | |||||
| CVE-2018-5888 | 1 Google | 1 Android | 2018-08-27 | 4.6 MEDIUM | 7.8 HIGH |
| While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | |||||
| CVE-2018-5887 | 1 Google | 1 Android | 2018-08-27 | 4.6 MEDIUM | 7.8 HIGH |
| While processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | |||||
| CVE-2018-5836 | 1 Google | 1 Android | 2018-08-27 | 2.1 LOW | 5.5 MEDIUM |
| In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access. | |||||
| CVE-2017-14893 | 1 Google | 1 Android | 2018-08-27 | 2.1 LOW | 5.5 MEDIUM |
| While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | |||||
| CVE-2017-14872 | 1 Google | 1 Android | 2018-08-27 | 2.1 LOW | 5.5 MEDIUM |
| While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | |||||