Total
2528 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19093 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 7.5 High |
| An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program | ||||
| CVE-2018-18981 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2024-11-21 | N/A |
| In Rockwell Automation FactoryTalk Services Platform 2.90 and earlier, a remote unauthenticated attacker could send numerous crafted packets to service ports resulting in memory consumption that could lead to a partial or complete denial-of-service condition to the affected services. | ||||
| CVE-2018-18443 | 1 Ilm | 1 Openexr | 2024-11-21 | N/A |
| OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview. | ||||
| CVE-2018-18438 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-11-21 | N/A |
| Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. | ||||
| CVE-2018-18314 | 5 Canonical, Debian, Netapp and 2 more | 9 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 6 more | 2024-11-21 | N/A |
| Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18023 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file. | ||||
| CVE-2018-17942 | 1 Gnu | 1 Gnulib | 2024-11-21 | N/A |
| The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing. | ||||
| CVE-2018-17795 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. | ||||
| CVE-2018-17540 | 3 Canonical, Debian, Strongswan | 3 Ubuntu Linux, Debian Linux, Strongswan | 2024-11-21 | N/A |
| The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. | ||||
| CVE-2018-17433 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. | ||||
| CVE-2018-17229 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file. | ||||
| CVE-2018-16981 | 2 Debian, Nothings | 2 Debian Linux, Stb Image.h | 2024-11-21 | 8.8 High |
| stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function. | ||||
| CVE-2018-16839 | 4 Canonical, Debian, Haxx and 1 more | 4 Ubuntu Linux, Debian Linux, Curl and 1 more | 2024-11-21 | N/A |
| Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. | ||||
| CVE-2018-16435 | 4 Canonical, Debian, Littlecms and 1 more | 7 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 4 more | 2024-11-21 | N/A |
| Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. | ||||
| CVE-2018-16403 | 2 Elfutils Project, Redhat | 3 Elfutils, Ansible Tower, Enterprise Linux | 2024-11-21 | N/A |
| libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash. | ||||
| CVE-2018-16376 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | N/A |
| An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. | ||||
| CVE-2018-16375 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | N/A |
| An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow. | ||||
| CVE-2018-16335 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2024-11-21 | N/A |
| newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. | ||||
| CVE-2018-15209 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2024-11-21 | N/A |
| ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. | ||||
| CVE-2018-15127 | 4 Canonical, Debian, Libvnc Project and 1 more | 10 Ubuntu Linux, Debian Linux, Libvncserver and 7 more | 2024-11-21 | N/A |
| LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution | ||||