| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-4091 |
415 |
|
|
2022-02-18 |
2023-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. |
|
2 |
CVE-2020-8945 |
416 |
|
Exec Code |
2020-02-12 |
2022-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. |
|
3 |
CVE-2020-6851 |
787 |
|
Overflow |
2020-01-13 |
2022-04-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. |
|
4 |
CVE-2020-6394 |
|
|
Bypass |
2020-02-11 |
2022-04-06 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. |
|
5 |
CVE-2020-2593 |
|
|
|
2020-01-15 |
2021-03-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). |
|
6 |
CVE-2019-19926 |
476 |
|
|
2019-12-23 |
2022-04-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. |
|
7 |
CVE-2019-19925 |
434 |
|
|
2019-12-24 |
2022-04-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. |
|
8 |
CVE-2019-19923 |
476 |
|
|
2019-12-24 |
2022-04-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). |
|
9 |
CVE-2019-19880 |
476 |
|
|
2019-12-18 |
2022-04-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. |
|
10 |
CVE-2019-14744 |
78 |
|
Exec Code |
2019-08-07 |
2023-02-28 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. |
|
11 |
CVE-2019-13616 |
125 |
|
|
2019-07-16 |
2023-05-03 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. |
|
12 |
CVE-2019-11775 |
367 |
|
|
2019-07-30 |
2020-10-08 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues but read out of array bounds is one major consequence of these problems. |
|
13 |
CVE-2019-10245 |
119 |
|
Exec Code Overflow |
2019-04-19 |
2021-10-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load. |
|
14 |
CVE-2019-10182 |
22 |
|
Dir. Trav. |
2019-07-31 |
2023-02-12 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user. |
|
15 |
CVE-2019-10160 |
172 |
|
|
2019-06-07 |
2023-02-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application. |
|
16 |
CVE-2019-9636 |
|
|
|
2019-03-08 |
2022-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. |
|
17 |
CVE-2019-6470 |
|
|
|
2019-11-01 |
2019-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation. |
|
18 |
CVE-2019-5755 |
189 |
|
|
2019-02-19 |
2019-04-17 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. |
|
19 |
CVE-2019-3816 |
22 |
|
Dir. Trav. |
2019-03-14 |
2023-02-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. |
|
20 |
CVE-2019-3813 |
193 |
|
DoS Exec Code |
2019-02-04 |
2022-04-26 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. |
|
21 |
CVE-2019-2975 |
|
|
DoS |
2019-10-16 |
2022-10-06 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L). |
|
22 |
CVE-2019-2816 |
|
|
|
2019-07-23 |
2022-10-06 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). |
|
23 |
CVE-2019-2769 |
|
|
DoS |
2019-07-23 |
2022-10-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). |
|
24 |
CVE-2019-2762 |
|
|
DoS |
2019-07-23 |
2022-10-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). |
|
25 |
CVE-2019-2602 |
400 |
|
|
2019-04-23 |
2022-10-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). |
|
26 |
CVE-2019-0223 |
|
|
|
2019-04-23 |
2022-04-22 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic. |
|
27 |
CVE-2018-1000121 |
476 |
|
DoS |
2018-03-14 |
2019-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service |
|
28 |
CVE-2018-1000007 |
|
|
+Info |
2018-01-24 |
2022-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request. |
|
29 |
CVE-2018-18074 |
522 |
|
|
2018-10-09 |
2022-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. |
|
30 |
CVE-2018-16881 |
190 |
|
DoS |
2019-01-25 |
2022-10-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable. |
|
31 |
CVE-2018-16871 |
476 |
|
|
2019-07-30 |
2023-02-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. |
|
32 |
CVE-2018-15978 |
125 |
|
|
2018-11-29 |
2018-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
33 |
CVE-2018-15967 |
200 |
|
+Info |
2018-09-25 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure. |
|
34 |
CVE-2018-15688 |
120 |
|
Overflow |
2018-10-26 |
2022-01-31 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. |
|
35 |
CVE-2018-15473 |
362 |
|
|
2018-08-17 |
2023-02-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. |
|
36 |
CVE-2018-14647 |
909 |
|
DoS |
2018-09-25 |
2020-07-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15. |
|
37 |
CVE-2018-14638 |
415 |
|
DoS |
2018-09-14 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service. |
|
38 |
CVE-2018-14624 |
20 |
|
|
2018-09-06 |
2023-02-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash. |
|
39 |
CVE-2018-14622 |
252 |
|
|
2018-08-30 |
2023-02-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections. |
|
40 |
CVE-2018-12827 |
125 |
|
|
2018-08-29 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
41 |
CVE-2018-12826 |
125 |
|
|
2018-08-29 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
42 |
CVE-2018-12395 |
|
|
Bypass |
2019-02-28 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. |
|
43 |
CVE-2018-12393 |
787 |
|
Overflow |
2019-02-28 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. |
|
44 |
CVE-2018-12386 |
704 |
|
Exec Code |
2018-10-18 |
2018-12-06 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3. |
|
45 |
CVE-2018-12121 |
400 |
|
DoS |
2018-11-28 |
2022-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer. |
|
46 |
CVE-2018-12020 |
706 |
|
|
2018-06-08 |
2022-04-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. |
|
47 |
CVE-2018-10911 |
200 |
|
+Info |
2018-09-04 |
2022-04-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. |
|
48 |
CVE-2018-10861 |
287 |
|
|
2018-07-10 |
2019-10-09 |
5.5 |
None |
Remote |
Low |
??? |
None |
Partial |
Partial |
|
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected. |
|
49 |
CVE-2018-10852 |
200 |
|
+Info |
2018-06-26 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3. |
|
50 |
CVE-2018-10583 |
200 |
|
+Info |
2018-05-01 |
2020-10-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. |
