CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Search

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-6498 119 Overflow 2019-01-21 2019-01-22
5.8
None Local Network Low Not required Partial Partial Partial
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
2 CVE-2019-6496 DoS Exec Code Overflow 2019-01-20 2019-01-20
0.0
None ??? ??? ??? ??? ??? ???
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.
3 CVE-2019-6439 119 Overflow 2019-01-15 2019-01-22
7.5
None Remote Low Not required Partial Partial Partial
examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.
4 CVE-2019-6285 119 DoS Overflow 2019-01-14 2019-01-22
4.3
None Remote Medium Not required None None Partial
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
5 CVE-2019-6284 119 Overflow 2019-01-14 2019-01-23
4.3
None Remote Medium Not required None None Partial
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.
6 CVE-2019-6283 119 Overflow 2019-01-14 2019-01-23
4.3
None Remote Medium Not required None None Partial
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.
7 CVE-2019-6250 190 Exec Code Overflow 2019-01-13 2019-01-24
9.0
None Remote Low Single system Complete Complete Complete
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is not necessary to use a typical buffer-overflow exploitation technique that changes the flow of control).
8 CVE-2019-6247 Exec Code Overflow 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap.
9 CVE-2019-6136 119 Overflow 2019-01-11 2019-01-23
5.0
None Remote Low Not required None None Partial
An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.
10 CVE-2019-5005 119 DoS Overflow Mem. Corr. 2019-01-03 2019-01-15
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption.
11 CVE-2019-3574 119 Overflow 2019-01-02 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.
12 CVE-2019-1651 DoS Exec Code Overflow 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary code as the root user. The vulnerability is due to improper bounds checking by the vContainer. An attacker could exploit this vulnerability by sending a malicious file to an affected vContainer instance. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected vContainer, which could result in a DoS condition that the attacker could use to execute arbitrary code as the root user.
13 CVE-2019-0586 119 Exec Code Overflow Mem. Corr. 2019-01-08 2019-01-15
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.
14 CVE-2019-0584 119 Exec Code Overflow 2019-01-08 2019-01-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583.
15 CVE-2019-0583 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0584.
16 CVE-2019-0582 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0583, CVE-2019-0584.
17 CVE-2019-0581 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
18 CVE-2019-0580 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
19 CVE-2019-0579 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
20 CVE-2019-0578 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
21 CVE-2019-0577 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
22 CVE-2019-0576 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
23 CVE-2019-0575 119 Exec Code Overflow 2019-01-08 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
24 CVE-2019-0568 119 Exec Code Overflow Mem. Corr. 2019-01-08 2019-01-19
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0567.
25 CVE-2019-0567 119 Exec Code Overflow Mem. Corr. 2019-01-08 2019-01-19
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568.
26 CVE-2019-0565 119 Exec Code Overflow Mem. Corr. 2019-01-08 2019-01-11
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.
27 CVE-2019-0547 119 Exec Code Overflow Mem. Corr. 2019-01-08 2019-01-15
7.5
None Remote Low Not required Partial Partial Partial
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka "Windows DHCP Client Remote Code Execution Vulnerability." This affects Windows 10, Windows 10 Servers.
28 CVE-2019-0546 119 Exec Code Overflow 2019-01-08 2019-01-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Visual Studio when the C++ compiler improperly handles specific combinations of C++ constructs, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio.
29 CVE-2019-0539 119 Exec Code Overflow Mem. Corr. 2019-01-08 2019-01-19
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568.
30 CVE-2019-0538 119 Exec Code Overflow 2019-01-08 2019-01-14
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584.
31 CVE-2018-1999011 119 Exec Code Overflow 2018-07-23 2018-09-19
6.8
None Remote Medium Not required Partial Partial Partial
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later.
32 CVE-2018-1000886 Overflow 2018-12-20 2018-12-20
0.0
None ??? ??? ??? ??? ??? ???
nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file.
33 CVE-2018-1000876 190 Exec Code Overflow 2018-12-20 2019-01-10
4.6
None Local Low Not required Partial Partial Partial
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
34 CVE-2018-1000810 190 Overflow 2018-10-08 2019-01-04
7.5
None Remote Low Not required Partial Partial Partial
The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat, passed a large number, can overflow an internal buffer. This vulnerability appears to have been fixed in 1.29.1.
35 CVE-2018-1000804 119 Exec Code Overflow Sql 2018-10-08 2018-12-04
10.0
None Remote Low Not required Complete Complete Complete
contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able to run malicious AQL code (e.g. via SQL-like Injection attack).
36 CVE-2018-1000667 119 Overflow Mem. Corr. 2018-09-06 2018-11-01
4.3
None Remote Medium Not required None None Partial
NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..
37 CVE-2018-1000663 119 Exec Code Overflow 2018-09-06 2018-10-25
4.3
None Remote Medium Not required None None Partial
jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code.
38 CVE-2018-1000657 119 Exec Code Overflow 2018-08-20 2018-10-18
4.6
None Local Low Not required Partial Partial Partial
Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. This vulnerability appears to have been fixed in after commit fdfafb510b1a38f727e920dccbeeb638d39a8e60; stable release 1.22.0 and later.
39 CVE-2018-1000637 119 DoS Exec Code Overflow 2018-08-20 2018-11-02
6.8
None Remote Medium Not required Partial Partial Partial
zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in Potential denial of service or arbitrary code execution. This attack appear to be exploitable via the victim openning a crafted compressed file. This vulnerability appears to have been fixed in 1.8-pre2.
40 CVE-2018-1000618 119 Overflow 2018-07-09 2018-09-12
7.5
None Remote Low Not required Partial Partial Partial
EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. This attack appear to be exploitable via network request. This vulnerability appears to have been fixed in after commit cf7209e703e6d3f7a5413e0cb1fe88a4d8e4b38d .
41 CVE-2018-1000537 119 Exec Code Overflow 2018-06-26 2018-08-31
7.5
None Remote Low Not required Partial Partial Partial
Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer.
42 CVE-2018-1000524 190 DoS Overflow 2018-06-26 2018-08-28
4.3
None Remote Medium Not required None None Partial
miniSphere version 5.2.9 and earlier contains a Integer Overflow vulnerability in layer_resize() function in map_engine.c that can result in remote denial of service. This attack appear to be exploitable via the victim must load a specially-crafted map which calls SetLayerSize in its entry script. This vulnerability appears to have been fixed in 5.0.3, 5.1.5, 5.2.10 and later.
43 CVE-2018-1000517 119 Overflow 2018-06-26 2018-08-30
7.5
None Remote Low Not required Partial Partial Partial
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.
44 CVE-2018-1000301 119 DoS Overflow 2018-05-24 2019-01-16
6.4
None Remote Low Not required Partial None Partial
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
45 CVE-2018-1000300 119 DoS Overflow 2018-05-24 2019-01-16
7.5
None Remote Low Not required Partial Partial Partial
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.
46 CVE-2018-1000224 502 Overflow 2018-08-20 2018-10-31
5.0
None Remote Low Not required None None Partial
Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. contains a Signed/unsigned comparison, wrong buffer size chackes, integer overflow, missing padding initialization vulnerability in (De)Serialization functions (core/io/marshalls.cpp) that can result in DoS (packet of death), possible leak of uninitialized memory. This attack appear to be exploitable via A malformed packet is received over the network by a Godot application that uses built-in serialization (e.g. game server, or game client). Could be triggered by multiplayer opponent. This vulnerability appears to have been fixed in 2.1.5, 3.0.6, master branch after commit feaf03421dda0213382b51aff07bd5a96b29487b.
47 CVE-2018-1000223 119 Exec Code Overflow 2018-08-20 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
48 CVE-2018-1000221 119 Overflow 2018-08-20 2018-10-15
7.5
None Remote Low Not required Partial Partial Partial
pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote() that can result in dequote() function returns 1-byte allocation if initial length is 0, leading to buffer overflow. This attack appear to be exploitable via specially crafted .pc file. This vulnerability appears to have been fixed in 1.5.3.
49 CVE-2018-1000199 388 Exec Code Mem. Corr. 2018-05-24 2018-06-27
4.9
None Local Low Not required None None Complete
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
50 CVE-2018-1000178 119 Exec Code Overflow 2018-05-08 2018-10-21
7.5
None Remote Low Not required Partial Partial Partial
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.
51 CVE-2018-1000140 119 Exec Code Overflow 2018-03-23 2018-10-21
7.5
None Remote Low Not required Partial Partial Partial
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.
52 CVE-2018-1000128 Exec Code Overflow 2018-03-13 2018-03-13
0.0
None ??? ??? ??? ??? ??? ???
GPAC MP4Box version prior to commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4 contains a Buffer Overflow vulnerability in src/media_tools/av_parsers.c, lines 2387-2388: https://github.com/gpac/gpac/blob/84c4e606a1f906cd4b07ad94d19cea2b668f64ad/src/media_tools/av_parsers.c#L2387-L2388 that can result in may allow an attacker to achieve remote code execution. This attack appear to be exploitable via The victim must open a specially crafted MP4 file. This vulnerability appears to have been fixed in after commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4.
53 CVE-2018-1000127 190 Overflow 2018-03-13 2018-07-31
5.0
None Remote Low Not required None None Partial
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.
54 CVE-2018-1000122 119 DoS Overflow +Info 2018-03-14 2019-01-16
6.4
None Remote Low Not required Partial None Partial
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
55 CVE-2018-1000120 787 DoS Overflow 2018-03-14 2019-01-16
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
56 CVE-2018-1000117 119 Exec Code Overflow 2018-03-07 2018-03-29
7.2
None Local Low Not required Complete Complete Complete
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
57 CVE-2018-1000116 119 Exec Code Overflow 2018-03-07 2018-03-29
7.5
None Remote Low Not required Partial Partial Partial
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
58 CVE-2018-1000101 119 Overflow 2018-03-06 2018-03-29
7.5
None Remote Low Not required Partial Partial Partial
Mingw-w64 version 5.0.3 and earlier contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage, worst case: network.
59 CVE-2018-1000100 119 Overflow 2018-03-06 2018-03-26
6.8
None Remote Medium Not required Partial Partial Partial
GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This attack appear to be exploitable via an attacker supplied MP4 file that when run by the victim may result in RCE.
60 CVE-2018-1000098 190 Overflow 2018-03-12 2018-04-11
5.0
None Remote Low Not required None None Partial
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.
61 CVE-2018-1000097 119 Exec Code Overflow 2018-03-12 2018-04-13
6.8
None Remote Medium Not required Partial Partial Partial
Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file..
62 CVE-2018-1000091 119 Exec Code Overflow 2018-03-13 2018-04-10
6.5
None Remote Low Single system Partial Partial Partial
KadNode version version 2.2.0 contains a Buffer Overflow vulnerability in Arguments when starting up the binary that can result in Control of program execution flow, leading to remote code execution.
63 CVE-2018-1000052 119 DoS Overflow Mem. Corr. 2018-02-09 2018-03-08
5.0
None Remote Low Not required None None Partial
fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption (SIGSEGV), CWE-134 vulnerability in fmt::print() library function that can result in Denial of Service. This attack appear to be exploitable via Specifying an invalid format specifier in the fmt::print() function results in a SIGSEGV (memory corruption, invalid write). This vulnerability appears to have been fixed in after commit 8cf30aa2be256eba07bb1cefb998c52326e846e7.
64 CVE-2018-1000050 119 DoS Overflow Mem. Corr. 2018-02-09 2018-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.
65 CVE-2018-1000038 119 Exec Code Overflow 2018-05-24 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
66 CVE-2018-1000035 119 DoS Exec Code Overflow 2018-02-09 2018-02-26
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
67 CVE-2018-1000032 119 DoS Exec Code Overflow 2018-02-09 2018-02-26
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
68 CVE-2018-1000031 119 DoS Exec Code Overflow 2018-02-09 2018-02-26
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
69 CVE-2018-1000030 119 Overflow Mem. Corr. 2018-02-08 2018-11-16
6.8
None Remote Medium Not required Partial Partial Partial
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.
70 CVE-2018-1000001 119 Exec Code Overflow 2018-01-31 2018-06-15
7.2
None Local Low Not required Complete Complete Complete
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
71 CVE-2018-20712 119 Overflow 2019-01-14 2019-01-22
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
72 CVE-2018-20673 190 Overflow 2019-01-04 2019-01-15
4.3
None Remote Medium Not required None None Partial
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.
73 CVE-2018-20671 190 Overflow 2019-01-04 2019-01-14
4.3
None Remote Medium Not required None None Partial
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.
74 CVE-2018-20618 119 Overflow 2018-12-31 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.
75 CVE-2018-20617 119 Overflow 2018-12-31 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
76 CVE-2018-20616 119 Overflow 2018-12-31 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.
77 CVE-2018-20593 119 Overflow 2018-12-30 2019-01-09
4.3
None Remote Medium Not required None None Partial
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
78 CVE-2018-20584 119 DoS Overflow 2018-12-30 2019-01-11
4.3
None Remote Medium Not required None None Partial
JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format, as demonstrated by 00 00 00 0c 6a 50 20 20 0d 0a 87 0a 00 00 00 14 66 74 79 70 6a 70 32 20 00 00 00 00 6a 70 32 20 00 00 00 2d 6a 70 32 68 00 00 00 16 69 68 64 72 00 00 00 20 00 00 00 20 00 03 07 07 00 00 00 00 00 0f 63 6f 6c 72 01 00 00 00 00 00 10 00 00 00 d8 6a 70 32 63 ff 4f ff 51 00 2f 00 00 00 08 00 20 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 20 00 00 00 00 00 00 00 00 00 03 07 01 01 07 01 01 07 01 01 ff 52 00 0c 00 00 00 01 01 00 04 04 00 01 ff 5c 00 04 40 40 ff 64 00 25 00 01 43 72 65 61 74 65 64 20 62 79 20 4f 70 65 6e 4a 50 45 47 20 76 65 72 73 69 6f 6e 20 32 2e 31 2e 30 ff 90 00 0a 00 00 00 00 00 60 00 01 ff 93 dc d7 00 18 80 0e 21 bf fc 2e ea b2 37 ce db f3 05 52 3f 43 2d 2b dd d7 64 c4 3d 67 ff 72 ab 35 2b f8 43 ca b3 5f ca d9 24 85 b4 59 5c 8d 25 fd 77 80 cb 78 1d 87 60 d6 f8 28 6e 8f 65 45 25 ea ff 5d bf 1a 71 13 10 a9 de e4 dd 6b 41 f7 38 dc 66 4f ff d9.
79 CVE-2018-20579 119 Overflow 2018-12-28 2019-01-14
3.6
None Local Low Not required None Partial Partial
Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.
80 CVE-2018-20574 119 DoS Overflow 2018-12-28 2019-01-10
4.3
None Remote Medium Not required None None Partial
The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
81 CVE-2018-20573 119 DoS Overflow 2018-12-28 2019-01-10
4.3
None Remote Medium Not required None None Partial
The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
82 CVE-2018-20542 119 Overflow 2018-12-28 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 (which is in a different part of the source code and is seen at a different address).
83 CVE-2018-20541 119 Overflow 2018-12-28 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at generator_spgemm_csc_reader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the source code and is seen at different addresses).
84 CVE-2018-20460 119 Overflow 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.
85 CVE-2018-20455 119 DoS Overflow 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456.
86 CVE-2018-20452 119 DoS Overflow 2018-12-25 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_read_header in ole.c.
87 CVE-2018-20451 119 DoS Overflow 2018-12-25 2019-01-08
4.3
None Remote Medium Not required None None Partial
The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file.
88 CVE-2018-20410 Overflow 2018-12-23 2018-12-23
0.0
None ??? ??? ??? ??? ??? ???
WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401.
89 CVE-2018-20409 119 Overflow 2018-12-23 2019-01-04
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls.
90 CVE-2018-20406 Overflow 2018-12-23 2018-12-23
0.0
None ??? ??? ??? ??? ??? ???
Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data.
91 CVE-2018-20365 119 Overflow 2018-12-22 2019-01-04
4.3
None Remote Medium Not required None None Partial
LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.
92 CVE-2018-20361 119 DoS Overflow 2018-12-22 2018-12-27
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
93 CVE-2018-20360 119 DoS Overflow 2018-12-22 2018-12-27
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
94 CVE-2018-20359 119 DoS Overflow 2018-12-22 2018-12-27
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
95 CVE-2018-20358 119 DoS Overflow 2018-12-22 2018-12-27
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
96 CVE-2018-20348 119 DoS Overflow 2018-12-21 2019-01-14
1.9
None Local Medium Not required None None Partial
libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tree_get_node_value in libfdata_tree.c.
97 CVE-2018-20346 Exec Code Overflow 2018-12-21 2018-12-27
0.0
None ??? ??? ??? ??? ??? ???
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
98 CVE-2018-20337 119 DoS Overflow 2018-12-21 2019-01-08
6.8
None Remote Medium Not required Partial Partial Partial
There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.
99 CVE-2018-20331 119 DoS Exec Code Overflow 2018-12-22 2018-12-31
7.2
None Local Low Not required Complete Complete Complete
Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the ssdt.sys kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation. A failed exploit could lead to denial of service.
100 CVE-2018-20330 190 Overflow 2018-12-21 2019-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
101 CVE-2018-20305 119 Exec Code Overflow 2018-12-19 2019-01-07
7.5
None Remote Low Not required Partial Partial Partial
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
102 CVE-2018-20299 Exec Code Overflow 2018-12-19 2018-12-19
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server.
103 CVE-2018-20247 119 Overflow 2018-12-24 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow.
104 CVE-2018-20230 119 DoS Overflow 2018-12-19 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
105 CVE-2018-20213 119 DoS Overflow 2018-12-18 2019-01-10
5.0
None Remote Low Not required None None Partial
wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long name. NOTE: this is not a Microsoft product.
106 CVE-2018-20201 119 DoS Overflow 2018-12-18 2019-01-07
6.8
None Remote Medium Not required Partial Partial Partial
There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file.
107 CVE-2018-20197 119 DoS Overflow 2018-12-17 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max > G case.
108 CVE-2018-20196 119 DoS Overflow 2018-12-17 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mishandled.
109 CVE-2018-20194 119 DoS Overflow 2018-12-17 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max <= G case.
110 CVE-2018-20184 119 DoS Overflow 2018-12-17 2019-01-08
4.3
None Remote Medium Not required None None Partial
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
111 CVE-2018-20098 119 DoS Overflow 2018-12-12 2018-12-26
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
112 CVE-2018-20097 119 DoS Overflow 2018-12-12 2018-12-26
4.3
None Remote Medium Not required None None Partial
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
113 CVE-2018-20096 119 DoS Overflow 2018-12-12 2018-12-26
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
114 CVE-2018-20056 119 Exec Code Overflow 2018-12-11 2018-12-31
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter.
115 CVE-2018-20029 119 DoS Overflow 2018-12-10 2019-01-07
4.9
None Local Low Not required None None Complete
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.
116 CVE-2018-20004 Overflow 2018-12-10 2018-12-10
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml.
117 CVE-2018-19932 190 Overflow 2018-12-07 2018-12-31
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.
118 CVE-2018-19931 119 Overflow 2018-12-07 2018-12-31
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
119 CVE-2018-19891 119 DoS Overflow 2018-12-05 2018-12-28
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 10 case.
120 CVE-2018-19890 119 DoS Overflow 2018-12-05 2018-12-28
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 2 case.
121 CVE-2018-19889 119 DoS Overflow 2018-12-05 2018-12-28
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 6 case.
122 CVE-2018-19888 119 DoS Overflow 2018-12-05 2018-12-28
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the HCB_ESC case.
123 CVE-2018-19887 119 DoS Overflow 2018-12-05 2018-12-28
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 4 case.
124 CVE-2018-19886 119 DoS Overflow 2018-12-05 2018-12-28
4.3
None Remote Medium Not required None None Partial
An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 8 case.
125 CVE-2018-19873 119 Overflow 2018-12-26 2019-01-08
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
126 CVE-2018-19864 20 DoS Exec Code Overflow 2018-12-05 2018-12-26
10.0
None Remote Low Not required Complete Complete Complete
NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.
127 CVE-2018-19862 119 Exec Code Overflow 2019-01-03 2019-01-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued.
128 CVE-2018-19861 119 Exec Code Overflow 2019-01-03 2019-01-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued.
129 CVE-2018-19792 DoS Overflow 2018-12-03 2018-12-03
0.0
None ??? ??? ??? ??? ??? ???
The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving ../ characters), which is mishandled in the LshttpdMain::getServerRootFromExecutablePath function.
130 CVE-2018-19762 119 DoS Overflow 2018-11-29 2018-12-26
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact.
131 CVE-2018-19716 119 Exec Code Overflow 2019-01-18 2019-01-23
7.5
None Remote Low Not required Partial Partial Partial
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
132 CVE-2018-19665 Mem. Corr. 2018-12-06 2018-12-06
0.0
None ??? ??? ??? ??? ??? ???
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
133 CVE-2018-19664 119 Overflow 2018-11-29 2018-12-21
4.3
None Remote Medium Not required None None Partial
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
134 CVE-2018-19662 119 DoS Overflow 2018-11-29 2018-12-26
4.3
None Remote Medium Not required None None Partial
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
135 CVE-2018-19661 119 DoS Overflow 2018-11-29 2018-12-26
4.3
None Remote Medium Not required None None Partial
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service.
136 CVE-2018-19655 Overflow 2018-11-29 2018-11-29
0.0
None ??? ??? ??? ??? ??? ???
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.
137 CVE-2018-19650 119 DoS Exec Code Overflow 2018-12-05 2019-01-04
7.2
None Local Low Not required Complete Complete Complete
Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002000 by the IRPFile.sys Antiy-AVL ATool kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data, which results in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation and a failed exploit could lead to denial of service.
138 CVE-2018-19626 119 Overflow 2018-11-28 2019-01-16
4.3
None Remote Medium Not required None None Partial
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.
139 CVE-2018-19622 400 Overflow 2018-11-28 2019-01-16
4.3
None Remote Medium Not required None None Partial
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
140 CVE-2018-19568 119 Overflow 2018-11-26 2018-12-19
4.3
None Remote Medium Not required None None Partial
A floating point exception in kodak_radc_load_raw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
141 CVE-2018-19567 119 Overflow 2018-11-26 2018-12-19
4.3
None Remote Medium Not required None None Partial
A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
142 CVE-2018-19543 119 Overflow 2018-11-25 2018-12-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.
143 CVE-2018-19540 119 Overflow 2018-11-25 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.
144 CVE-2018-19535 119 DoS Overflow 2018-11-25 2018-12-19
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.
145 CVE-2018-19528 119 DoS Overflow 2018-11-25 2018-12-19
10.0
None Remote Low Not required Complete Complete Complete
TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.
146 CVE-2018-19503 119 Overflow 2018-11-23 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
147 CVE-2018-19502 119 Overflow 2018-11-23 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.
148 CVE-2018-19492 119 Overflow 2018-11-23 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.
149 CVE-2018-19491 119 Overflow 2018-11-23 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend.
150 CVE-2018-19490 119 Overflow 2018-11-23 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.
151 CVE-2018-19459 119 Overflow 2018-11-22 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file.
152 CVE-2018-19357 119 DoS Exec Code Overflow 2018-12-24 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
XMPlay 3.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted http:// URL in a .m3u file.
153 CVE-2018-19278 119 Overflow 2018-11-14 2018-12-29
5.0
None Remote Low Not required None None Partial
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.
154 CVE-2018-19242 119 Overflow 2018-12-20 2019-01-14
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).
155 CVE-2018-19241 119 Overflow 2018-12-20 2019-01-14
5.0
None Remote Low Not required None Partial None
Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).
156 CVE-2018-19240 119 Overflow 2018-12-20 2019-01-14
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).
157 CVE-2018-19199 190 Overflow 2018-11-12 2018-12-12
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
158 CVE-2018-19185 119 Overflow 2018-11-12 2018-12-14
7.5
None Remote Low Not required Partial Partial Partial
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
159 CVE-2018-19183 119 DoS Overflow 2018-11-11 2018-12-13
5.0
None Remote Low Not required None None Partial
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute.
160 CVE-2018-19150 119 DoS Overflow Mem. Corr. 2018-11-10 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue.
161 CVE-2018-19130 119 Overflow 2018-11-09 2018-12-12
4.3
None Remote Medium Not required None None Partial
In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file.
162 CVE-2018-19128 119 Overflow 2018-11-09 2018-12-12
4.3
None Remote Medium Not required None None Partial
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
163 CVE-2018-19118 119 DoS Overflow 2018-12-13 2019-01-06
5.0
None Remote Low Not required None None Partial
Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain.
164 CVE-2018-19115 119 Overflow 2018-11-08 2019-01-08
7.5
None Remote Low Not required Partial Partial Partial
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
165 CVE-2018-19108 190 DoS Overflow 2018-11-08 2018-12-13
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
166 CVE-2018-19107 190 DoS Overflow 2018-11-08 2018-12-13
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
167 CVE-2018-19087 119 DoS Exec Code Overflow 2018-11-09 2018-12-12
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
168 CVE-2018-19086 119 DoS Exec Code Overflow 2018-11-09 2018-12-12
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E040 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
169 CVE-2018-19085 119 DoS Exec Code Overflow 2018-11-09 2018-12-10
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
170 CVE-2018-19084 119 DoS Exec Code Overflow 2018-11-09 2018-12-12
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E05C with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
171 CVE-2018-19082 119 Overflow 2018-11-07 2018-12-13
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field.
172 CVE-2018-18999 20 Overflow 2018-12-19 2019-01-11
7.5
None Remote Low Not required Partial Partial Partial
WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer on the stack.
173 CVE-2018-18993 119 Exec Code Overflow 2018-12-04 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application.
174 CVE-2018-18983 119 Exec Code Overflow 2018-11-30 2018-12-27
6.8
None Remote Medium Not required Partial Partial Partial
VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution.
175 CVE-2018-18957 119 Overflow 2018-11-05 2018-12-07
7.5
None Remote Low Not required Partial Partial Partial
An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
176 CVE-2018-18928 190 Overflow 2018-11-04 2019-01-16
7.5
None Remote Low Not required Partial Partial Partial
International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.
177 CVE-2018-18861 119 Exec Code Overflow 2018-11-20 2018-12-18
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command.
178 CVE-2018-18834 119 Overflow 2018-10-30 2018-12-07
7.5
None Remote Low Not required Partial Partial Partial
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.
179 CVE-2018-18828 119 Overflow 2018-10-30 2018-12-06
4.3
None Remote Medium Not required None None Partial
There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
180 CVE-2018-18826 119 Overflow 2018-10-30 2018-12-06
4.3
None Remote Medium Not required None None Partial
There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
181 CVE-2018-18820 119 DoS Exec Code Overflow 2018-11-05 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.
182 CVE-2018-18759 119 Overflow 2018-11-16 2019-01-14
5.0
None Remote Low Not required None None Partial
Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow.
183 CVE-2018-18756 119 Overflow 2018-11-16 2018-12-31
5.0
None Remote Low Not required None None Partial
Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008.
184 CVE-2018-18749 190 Overflow 2018-10-29 2018-12-17
4.3
None Remote Medium Not required None None Partial
data-tools through 2017-07-26 has an Integer Overflow leading to an incorrect end value for the write_wchars function.
185 CVE-2018-18732 Overflow 2018-10-29 2018-10-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
186 CVE-2018-18731 Overflow 2018-10-29 2018-10-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac' parameter for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.
187 CVE-2018-18730 119 Overflow 2018-10-29 2018-12-14
7.8
None Remote Low Not required None None Complete
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and 'endIp' parameters for a post request, each value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.
188 CVE-2018-18729 119 Overflow +Info 2018-10-29 2018-12-14
9.0
None Remote Low Not required Partial Partial Complete
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow.
189 CVE-2018-18727 119 Overflow 2018-10-29 2018-12-14
7.8
None Remote Low Not required None None Complete
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceList' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
190 CVE-2018-18714 119 DoS Exec Code Overflow 2018-11-01 2018-12-10
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E010. This can lead to denial of service (DoS) or code execution with root privileges.
191 CVE-2018-18709 119 Overflow 2018-10-29 2018-12-14
7.8
None Remote Low Not required None None Complete
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "firewallEn" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
192 CVE-2018-18708 119 Overflow 2018-10-29 2018-12-14
7.8
None Remote Low Not required None None Complete
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.
193 CVE-2018-18707 119 Overflow 2018-10-29 2018-12-14
7.8
None Remote Low Not required None None Complete
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
194 CVE-2018-18706 119 Overflow 2018-10-29 2018-12-14
7.8
None Remote Low Not required None None Complete
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromDhcpListClient" for a request, it is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.
195 CVE-2018-18695 119 Overflow 2018-11-01 2018-12-12
4.6
None Local Low Not required Partial Partial Partial
M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via a crafted MRD file.
196 CVE-2018-18667 190 Overflow 2018-12-28 2019-01-11
5.0
None Remote Low Not required None Partial None
The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value, a related issue to CVE-2018-11812.
197 CVE-2018-18666 190 Overflow 2018-12-28 2019-01-11
5.0
None Remote Low Not required None Partial None
The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
198 CVE-2018-18665 190 Overflow 2018-12-28 2019-01-11
5.0
None Remote Low Not required None Partial None
The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
199 CVE-2018-18650 190 DoS Overflow 2018-10-25 2018-12-06
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory.
200 CVE-2018-18605 119 DoS Overflow 2018-10-23 2018-12-06
4.3
None Remote Medium Not required None None Partial
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
Maximum 200 results per search are displayed, please narrow down your search criteria

Vendor
Add %'s for "like" queries( e.g:php% will match vendors starting with the string php. But you are not allowed to use %'s at the beginning of search phrase, or use more than one % due to performance problems)
You can enter multiple vendor names separated by ',' characters (without the quotes), vendor names will be OR'ed. You can also use % characters when entering multiple vendors.
Product
Add %'s for "like" queries( e.g:php% will match products starting with the string php. But you are not allowed to use %'s at the beginning of search phrase, or use more than one % due to performance problems)
You can enter multiple product names separated by ',' characters (without the quotes), product names will be OR'ed. You can also use % characters when entering multiple products.
CVE ID
Exact match
Microsoft Bulletin
Exact match
Bugtraq Id (BID)
Exact match
CWE ID
Exact match
Public Exploit
CVSS Score Minimum : Maximum: (Both values are used as "equals or greater than")
Vulnerability Publish Date Between : Year: Month: And : Year : Month :
Vulnerability Update Date Between : Year: Month: And : Year : Month :
Vulnerability Type












Access Vector


Complexity


Authentication


Confidentiality


Integrity


Availability


Gained Access
(Security Protection)




CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.