Export limit exceeded: 42669 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42669 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11135 | 1 Quest | 1 Kace System Management Appliance | 2024-11-21 | 8.8 High |
| The script '/adminui/error_details.php' in the Quest KACE System Management Appliance 8.0.318 allows authenticated users to conduct PHP object injection attacks. | ||||
| CVE-2018-11102 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| An issue was discovered in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. | ||||
| CVE-2018-11100 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-11099 | 1 Vcftools Project | 1 Vcftools | 2024-11-21 | N/A |
| The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file. | ||||
| CVE-2018-11095 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-11058 | 2 Dell, Oracle | 13 Bsafe, Bsafe Crypto-c, Application Testing Suite and 10 more | 2024-11-21 | 9.8 Critical |
| RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would result in such issue. | ||||
| CVE-2018-11054 | 2 Dell, Oracle | 12 Bsafe, Application Testing Suite, Communications Analytics and 9 more | 2024-11-21 | 7.5 High |
| RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service. | ||||
| CVE-2018-11033 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data. | ||||
| CVE-2018-11017 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-11005 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-10999 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read. | ||||
| CVE-2018-10996 | 1 D-link | 2 Dir-629-b, Dir-629-b Firmware | 2024-11-21 | N/A |
| The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. | ||||
| CVE-2018-10989 | 1 Commscope | 2 Arris Tg1682g, Arris Tg1682g Firmware | 2024-11-21 | 6.6 Medium |
| Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by leveraging access to the local network. NOTE: one or more user's guides distributed by ISPs state "At a minimum, you should set a login password." | ||||
| CVE-2018-10973 | 1 Koreashow Project | 1 Koreashow | 2024-11-21 | N/A |
| An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters. | ||||
| CVE-2018-10968 | 2 D-link, Dlink | 4 Dir-550a Firmware, Dir-604m Firmware, Dir-550a and 1 more | 2024-11-21 | N/A |
| On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability. | ||||
| CVE-2018-10958 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-11-21 | N/A |
| In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | ||||
| CVE-2018-10945 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function. | ||||
| CVE-2018-10940 | 3 Debian, Linux, Redhat | 4 Debian Linux, Linux Kernel, Enterprise Linux and 1 more | 2024-11-21 | N/A |
| The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. | ||||
| CVE-2018-10932 | 2 Intel, Redhat | 2 Lldptool, Enterprise Linux | 2024-11-21 | N/A |
| lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal. | ||||
| CVE-2018-10921 | 1 Ttembed Project | 1 Ttembed | 2024-11-21 | N/A |
| Certain input files may trigger an integer overflow in ttembed input file processing. This overflow could potentially lead to corruption of the input file due to a lack of checking return codes of fgetc/fputc function calls. | ||||