Total
2084 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17963 | 4 Canonical, Debian, Qemu and 1 more | 8 Ubuntu Linux, Debian Linux, Qemu and 5 more | 2024-11-21 | 9.8 Critical |
| qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2018-17962 | 6 Canonical, Debian, Oracle and 3 more | 7 Ubuntu Linux, Debian Linux, Linux and 4 more | 2024-11-21 | N/A |
| Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | ||||
| CVE-2018-17958 | 4 Canonical, Debian, Qemu and 1 more | 8 Ubuntu Linux, Debian Linux, Qemu and 5 more | 2024-11-21 | 7.5 High |
| Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | ||||
| CVE-2018-17937 | 3 Debian, Gpsd Project, Microjson Project | 3 Debian Linux, Gpsd, Microjson | 2024-11-21 | 8.8 High |
| gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs. | ||||
| CVE-2018-17930 | 1 Teledynedalsa | 1 Sherlock | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution. | ||||
| CVE-2018-17929 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2018-17916 | 1 Aveva | 3 Edge, Indusoft Web Studio, Intouch Machine Edition 2014 | 2024-11-21 | 9.8 Critical |
| InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine. | ||||
| CVE-2018-17911 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | 7.8 High |
| LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution. | ||||
| CVE-2018-17910 | 1 Advantech | 1 Webaccess | 2024-11-21 | N/A |
| WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. | ||||
| CVE-2018-17614 | 1 Losant | 1 Arduino Mqtt Client | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Losant Arduino MQTT Client prior to V2.7. User interaction is not required to exploit this vulnerability. The specific flaw exists within the parsing of MQTT PUBLISH packets. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6436. | ||||
| CVE-2018-17439 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file. | ||||
| CVE-2018-17294 | 3 Canonical, Liblouis, Opensuse | 3 Ubuntu Linux, Liblouis, Leap | 2024-11-21 | N/A |
| The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. | ||||
| CVE-2018-16745 | 1 Mgetty Project | 1 Mgetty | 2024-11-21 | N/A |
| An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it. | ||||
| CVE-2018-16743 | 1 Mgetty Project | 1 Mgetty | 2024-11-21 | N/A |
| An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow. | ||||
| CVE-2018-16742 | 1 Mgetty Project | 1 Mgetty | 2024-11-21 | N/A |
| An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter. | ||||
| CVE-2018-14829 | 1 Rockwellautomation | 1 Rslinx | 2024-11-21 | N/A |
| Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffer overflow condition, which may allow the threat actor to remotely execute arbitrary code. | ||||
| CVE-2018-14823 | 1 Fujielectric | 2 V-server, V-server Firmware | 2024-11-21 | 9.8 Critical |
| Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. | ||||
| CVE-2018-14818 | 1 We-con | 2 Pi Studio, Pi Studio Hmi | 2024-11-21 | 9.8 Critical |
| WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution. | ||||
| CVE-2018-14816 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2018-14807 | 1 Opto22 | 1 Pac Control | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution. | ||||