There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact.
Max CVSS
7.8
EPSS Score
0.07%
Published
2018-11-30
Updated
2020-08-24
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.
Max CVSS
8.8
EPSS Score
0.78%
Published
2018-11-29
Updated
2020-08-24
In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c mg_mqtt_add_session() function.
Max CVSS
6.5
EPSS Score
0.37%
Published
2018-11-27
Updated
2019-01-31
A floating point exception in kodak_radc_load_raw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-11-26
Updated
2018-12-19
A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-11-26
Updated
2018-12-19
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.
Max CVSS
8.8
EPSS Score
0.72%
Published
2018-11-26
Updated
2021-01-29
TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.
Max CVSS
10.0
EPSS Score
0.69%
Published
2018-11-26
Updated
2018-12-19
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
Max CVSS
7.8
EPSS Score
0.48%
Published
2018-11-23
Updated
2020-08-24
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.
Max CVSS
7.8
EPSS Score
0.51%
Published
2018-11-23
Updated
2020-08-24
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.
Max CVSS
7.8
EPSS Score
0.10%
Published
2018-11-23
Updated
2020-09-28
An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend.
Max CVSS
7.8
EPSS Score
0.10%
Published
2018-11-23
Updated
2020-09-28
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.
Max CVSS
7.8
EPSS Score
0.10%
Published
2018-11-23
Updated
2020-09-28
Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file.
Max CVSS
7.8
EPSS Score
0.07%
Published
2018-11-22
Updated
2018-12-18
An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64) bytes, and a length check is missing. This could lead to Remote Code Execution via a stack-smashing attack (overwriting the function return address). Contiki-NG does not separate the MQTT server from other servers and the OS modules, so access to all memory regions is possible.
Max CVSS
10.0
EPSS Score
1.13%
Published
2018-11-21
Updated
2019-02-04
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.
Max CVSS
7.5
EPSS Score
0.45%
Published
2018-11-14
Updated
2018-12-30
In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack.
Max CVSS
6.5
EPSS Score
0.08%
Published
2018-11-12
Updated
2020-08-24
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
Max CVSS
9.8
EPSS Score
0.98%
Published
2018-11-12
Updated
2019-08-06
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
Max CVSS
9.8
EPSS Score
0.78%
Published
2018-11-12
Updated
2020-08-24
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic execution result.
Max CVSS
7.5
EPSS Score
0.42%
Published
2018-11-12
Updated
2024-03-21
Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue.
Max CVSS
7.8
EPSS Score
0.22%
Published
2018-11-10
Updated
2019-01-16
In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-11-09
Updated
2024-03-21
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
Max CVSS
9.8
EPSS Score
2.67%
Published
2018-11-08
Updated
2020-08-24
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
Max CVSS
6.5
EPSS Score
0.60%
Published
2018-11-08
Updated
2023-01-13
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
Max CVSS
6.5
EPSS Score
0.87%
Published
2018-11-08
Updated
2023-03-01
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
Max CVSS
7.8
EPSS Score
0.05%
Published
2018-11-10
Updated
2020-08-24
89 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!