Total
2855 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-11828 | 1 Qualcomm | 18 Sd 205, Sd 205 Firmware, Sd 210 and 15 more | 2024-08-05 | N/A |
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52 | ||||
CVE-2018-11813 | 2 Ijg, Redhat | 2 Libjpeg, Enterprise Linux | 2024-08-05 | N/A |
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. | ||||
CVE-2018-11577 | 4 Canonical, Liblouis, Opensuse and 1 more | 4 Ubuntu Linux, Liblouis, Leap and 1 more | 2024-08-05 | N/A |
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. | ||||
CVE-2018-11357 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-08-05 | N/A |
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. | ||||
CVE-2018-11056 | 2 Dell, Oracle | 13 Bsafe, Bsafe Crypto-c, Application Testing Suite and 10 more | 2024-08-05 | 6.5 Medium |
RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service. | ||||
CVE-2018-10998 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-08-05 | 6.5 Medium |
An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call. | ||||
CVE-2018-10958 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-08-05 | N/A |
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | ||||
CVE-2018-10935 | 1 Redhat | 2 389 Directory Server, Enterprise Linux | 2024-08-05 | 6.5 Medium |
A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | ||||
CVE-2018-10924 | 1 Gluster | 1 Glusterfs | 2024-08-05 | N/A |
It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine. | ||||
CVE-2018-10938 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-08-05 | N/A |
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. | ||||
CVE-2018-10772 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-08-05 | N/A |
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
CVE-2018-10851 | 1 Powerdns | 2 Authoritative, Recursor | 2024-08-05 | N/A |
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. | ||||
CVE-2018-10827 | 1 Litecart | 1 Litecart | 2024-08-05 | N/A |
LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request. | ||||
CVE-2018-10868 | 1 Redhat | 1 Certification | 2024-08-05 | 7.5 High |
redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of an host. | ||||
CVE-2018-10864 | 1 Redhat | 3 Certification, Certifications, Linux | 2024-08-05 | N/A |
An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service. | ||||
CVE-2018-10585 | 1 Pexip | 1 Pexip Infinity | 2024-08-05 | 7.5 High |
Pexip Infinity before 18 allows remote Denial of Service (XML parsing). | ||||
CVE-2018-10432 | 1 Pexip | 1 Pexip Infinity | 2024-08-05 | 7.5 High |
Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP). | ||||
CVE-2018-10193 | 1 Logmein | 1 Lastpass | 2024-08-05 | N/A |
LogMeIn LastPass through 4.15.0 allows remote attackers to cause a denial of service (browser hang) via an HTML document because the resource consumption of onloadwff.js grows with the number of INPUT elements. | ||||
CVE-2018-10070 | 1 Mikrotik | 2 Router, Router Firmware | 2024-08-05 | N/A |
A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message. | ||||
CVE-2018-9996 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression. |