Total
12603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1000199 | 4 Canonical, Debian, Linux and 1 more | 16 Ubuntu Linux, Debian Linux, Linux Kernel and 13 more | 2024-08-05 | N/A |
| The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. | ||||
| CVE-2018-1000100 | 2 Canonical, Gpac Project | 2 Ubuntu Linux, Gpac | 2024-08-05 | N/A |
| GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This attack appear to be exploitable via an attacker supplied MP4 file that when run by the victim may result in RCE. | ||||
| CVE-2018-1000091 | 1 Kadnode Project | 1 Kadnode | 2024-08-05 | N/A |
| KadNode version version 2.2.0 contains a Buffer Overflow vulnerability in Arguments when starting up the binary that can result in Control of program execution flow, leading to remote code execution. | ||||
| CVE-2018-1000097 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Sharutils | 2024-08-05 | N/A |
| Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file.. | ||||
| CVE-2018-1000034 | 1 Info-zip | 1 Unzip | 2024-08-05 | N/A |
| An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. | ||||
| CVE-2018-1000050 | 1 Stb Vorbis Project | 1 Stb Vorbis | 2024-08-05 | N/A |
| Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13. | ||||
| CVE-2018-25032 | 11 Apple, Azul, Debian and 8 more | 45 Mac Os X, Macos, Zulu and 42 more | 2024-08-05 | 7.5 High |
| zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | ||||
| CVE-2018-25042 | 1 Bittorrent | 1 Utorrent | 2024-08-05 | 5 Medium |
| A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. | ||||
| CVE-2018-21052 | 1 Google | 1 Android | 2024-08-05 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018). | ||||
| CVE-2018-21027 | 1 Boa | 1 Boa | 2024-08-05 | 9.8 Critical |
| Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-memory (OOM) condition because malloc is mishandled. | ||||
| CVE-2018-20961 | 1 Linux | 1 Linux Kernel | 2024-08-05 | 9.8 Critical |
| In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2018-20998 | 1 Arrayfire | 1 Arrayfire | 2024-08-05 | N/A |
| An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr() attribute to an enum is mishandled, leading to memory corruption. | ||||
| CVE-2018-21000 | 1 Safe-transmute Project | 1 Safe-transmute | 2024-08-05 | N/A |
| An issue was discovered in the safe-transmute crate before 0.10.1 for Rust. A constructor's arguments are in the wrong order, causing heap memory corruption. | ||||
| CVE-2018-20995 | 1 Slice-deque Project | 1 Slice-deque | 2024-08-05 | N/A |
| An issue was discovered in the slice-deque crate before 0.1.16 for Rust. move_head_unchecked allows memory corruption because deque updates are mishandled. | ||||
| CVE-2018-20534 | 3 Canonical, Opensuse, Redhat | 3 Ubuntu Linux, Libsolv, Enterprise Linux | 2024-08-05 | N/A |
| There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application | ||||
| CVE-2018-19217 | 1 Gnu | 1 Ncurses | 2024-08-05 | N/A |
| In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party | ||||
| CVE-2018-19183 | 1 Ethereumjs-vm Project | 1 Ethereumjs-vm | 2024-08-05 | 7.5 High |
| ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic execution result. | ||||
| CVE-2018-19130 | 1 Libav | 1 Libav | 2024-08-05 | N/A |
| In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127 | ||||
| CVE-2018-20856 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more | 2024-08-05 | N/A |
| An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. | ||||
| CVE-2018-20854 | 1 Linux | 1 Linux Kernel | 2024-08-05 | N/A |
| An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. | ||||