| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000000e1237 via a crafted image file. |
| Various Lexmark devices have a Buffer Overflow (issue 2 of 2). |
| Various Lexmark devices have a Buffer Overflow (issue 1 of 2). |
| The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet handling functionality. An attacker can exploit this issue remotely, by sending a particular pattern of SIP/SDP packets, to cause a denial of service state in the affected devices and probably remote code execution. |
| A Buffer Overflow exploited through web interface by remote attacker can cause denial of service in Kraftway 24F2XG Router firmware 3.5.30.1118. |
| A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution in Kraftway 24F2XG Router firmware 3.5.30.1118. |
| PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, or Address field. |
| PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile. |
| XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSVCR120!memcpy+0x0000000000000074 and application crash) or possibly have unspecified other impact via a crafted RLE file. |
| XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5Core!QVariant::~QVariant+0x0000000000000014 and application crash) or possibly have unspecified other impact via a crafted RLE file. |
| XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO file. |
| TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header. |
| An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and Pano 1.1.1 and earlier. A remote code execution vulnerability exists in the content sharing functionality because of a Buffer Overflow via crafted packets. |
| libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences. |
| An issue has been found in dilawar sound through 2017-11-27. The end of openWavFile in wav-file.cc has Mismatched Memory Management Routines (operator new [] versus operator delete). |
| An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete). |
| An issue has been found in PDF2JSON 0.69. The HtmlString class in ImgOutputDev.cc has Mismatched Memory Management Routines (malloc versus operator delete). |
| The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site. |
| The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). |
| Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785. |
