Total
4055 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17773 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 6.8 Medium |
| Ingenico Telium 2 POS terminals have a buffer overflow via SOCKET_TASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | ||||
| CVE-2018-17770 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 6.6 Medium |
| Ingenico Telium 2 POS terminals have a buffer overflow via the RemotePutFile command of the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | ||||
| CVE-2018-17769 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 6.6 Medium |
| Ingenico Telium 2 POS terminals have a buffer overflow via the 0x26 command of the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N. | ||||
| CVE-2018-16427 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs. | ||||
| CVE-2018-16426 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs. | ||||
| CVE-2018-16425 | 1 Opensc Project | 1 Opensc | 2024-11-21 | N/A |
| A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16424 | 1 Opensc Project | 1 Opensc | 2024-11-21 | N/A |
| A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16423 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16422 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16421 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16420 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16419 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16418 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16393 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16392 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16391 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16301 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | 7.8 High |
| The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. | ||||
| CVE-2018-14788 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2024-11-21 | N/A |
| Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types. | ||||
| CVE-2018-14652 | 2 Debian, Redhat | 7 Debian Linux, Enterprise Linux, Enterprise Linux Server and 4 more | 2024-11-21 | 6.5 Medium |
| The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service. | ||||
| CVE-2018-14359 | 4 Canonical, Debian, Mutt and 1 more | 4 Ubuntu Linux, Debian Linux, Mutt and 1 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data. | ||||