libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
Max CVSS
8.8
EPSS Score
1.60%
Published
2018-12-20
Updated
2019-11-06
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
Max CVSS
8.8
EPSS Score
1.60%
Published
2018-12-20
Updated
2019-11-06
Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on the calling application and if it retains a reference to the memory.. This vulnerability appears to have been fixed in 17.5.0.
Max CVSS
8.1
EPSS Score
9.39%
Published
2018-10-08
Updated
2023-11-17
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
Max CVSS
8.8
EPSS Score
0.56%
Published
2018-10-08
Updated
2022-04-06
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
Max CVSS
9.1
EPSS Score
0.51%
Published
2018-05-24
Updated
2019-10-03
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.
Max CVSS
9.8
EPSS Score
40.67%
Published
2018-03-23
Updated
2023-06-12
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
Max CVSS
9.1
EPSS Score
0.51%
Published
2018-03-14
Updated
2019-10-03
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
Max CVSS
9.8
EPSS Score
0.59%
Published
2018-03-14
Updated
2019-06-18
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.
Max CVSS
9.8
EPSS Score
0.57%
Published
2018-01-24
Updated
2022-06-13
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
Max CVSS
9.8
EPSS Score
0.77%
Published
2018-11-21
Updated
2019-10-03
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
Max CVSS
9.8
EPSS Score
2.67%
Published
2018-11-08
Updated
2020-08-24
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.
Max CVSS
8.1
EPSS Score
1.41%
Published
2018-10-22
Updated
2023-05-16
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.40%
Published
2018-12-11
Updated
2020-08-24
Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.71%
Published
2018-12-11
Updated
2019-08-17
Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
3.72%
Published
2018-12-11
Updated
2020-08-24
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.52%
Published
2018-12-11
Updated
2020-08-24
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Max CVSS
9.8
EPSS Score
0.53%
Published
2018-12-07
Updated
2020-08-24
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
Max CVSS
8.6
EPSS Score
0.12%
Published
2018-10-19
Updated
2019-11-05
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183.
Max CVSS
8.6
EPSS Score
0.24%
Published
2018-10-15
Updated
2019-10-03

CVE-2018-17480

Known exploited
Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
6.79%
Published
2018-12-11
Updated
2019-08-17
CISA KEV Added
2022-06-08
Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.64%
Published
2018-11-14
Updated
2020-08-24
Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.49%
Published
2018-11-14
Updated
2019-10-03
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.86%
Published
2018-11-14
Updated
2019-03-05
Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.64%
Published
2018-11-14
Updated
2018-12-19

CVE-2018-17456

Public exploit
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
Max CVSS
9.8
EPSS Score
16.06%
Published
2018-10-06
Updated
2020-08-24
235 vulnerabilities found
1 2 3 4 5 6 7 8 9 10
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!