Total: 9170 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-10976 | 1 2345.cc | 1 Security Guard | 2018-06-13 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222050. | |||||
CVE-2018-10977 | 1 2345.cc | 1 Security Guard | 2018-06-13 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4. | |||||
CVE-2018-10798 | 1 Brave | 1 Brave | 2018-06-13 | 4.3 MEDIUM | 6.5 MEDIUM |
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second. | |||||
CVE-2018-10799 | 1 Brave | 1 Brave | 2018-06-13 | 4.3 MEDIUM | 6.5 MEDIUM |
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element. | |||||
CVE-2018-10796 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-06-13 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222014. | |||||
CVE-2017-11665 | 1 Ffmpeg | 1 Ffmpeg | 2018-06-12 | 5.0 MEDIUM | 7.5 HIGH |
The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream. | |||||
CVE-2018-10955 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-06-12 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222548. | |||||
CVE-2018-10952 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-06-12 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222088. | |||||
CVE-2018-10953 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-06-12 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x0022204C. | |||||
CVE-2018-10954 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-06-12 | 6.1 MEDIUM | 7.8 HIGH |
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222550. | |||||
CVE-2018-10468 | 1 Uetoken | 1 Useless Ethereum Token | 2018-06-12 | 5.0 MEDIUM | 7.5 HIGH |
The transferFrom function of a smart contract implementation for Useless Ethereum Token (UET), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect, as exploited in the wild starting in December 2017, aka the "transferFlaw" issue. | |||||
CVE-2017-18262 | 1 Blackboard | 1 Blackboard Learn | 2018-06-12 | 5.8 MEDIUM | 6.1 MEDIUM |
Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its endpoints for handling Shibboleth logins, as demonstrated by a webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl= URI. | |||||
CVE-2018-10776 | 1 Mp3gain | 1 Mp3gain | 2018-06-12 | 6.8 MEDIUM | 7.8 HIGH |
The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact. | |||||
CVE-2016-5272 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-11 | 6.8 MEDIUM | 8.8 HIGH |
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site. | |||||
CVE-2011-0704 | 1 Fedoraproject | 1 389 Directory Server | 2018-06-07 | 4.3 MEDIUM | 5.9 MEDIUM |
389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request. | |||||
CVE-2018-10657 | 1 Matrix | 1 Synapse | 2018-06-07 | 5.0 MEDIUM | 7.5 HIGH |
Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018. | |||||
CVE-2017-7609 | 1 Elfutils Project | 1 Elfutils | 2018-06-06 | 4.3 MEDIUM | 5.5 MEDIUM |
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | |||||
CVE-2017-17318 | 1 Huawei | 2 E5771h-937, E5771h-937 Firmware | 2018-06-06 | 6.1 MEDIUM | 6.5 MEDIUM |
Huawei MBB (Mobile Broadband) products E5771h-937 with the versions before E5771h-937TCPU-V200R001B328D62SP00C1133 and the versions before E5771h-937TCPU-V200R001B329D05SP00C1308 have a Denial of Service (DoS) vulnerability. When an attacker accessing device sends special http request to device, the webserver process will try to apply too much memory which can cause the device to become unable to respond. An attacker can launch a DoS attack by exploiting this vulnerability. | |||||
CVE-2018-8176 | 1 Microsoft | 1 Office For Mac | 2018-06-05 | 9.3 HIGH | 8.8 HIGH |
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office. | |||||
CVE-2015-2177 | 1 Siemens | 2 Simatic S7-300 Cpu, Simatic S7-300 Cpu Firmware | 2018-06-01 | 7.8 HIGH | N/A |
Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus. |