Total
12667 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5810 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2024-11-21 | N/A |
| An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. | ||||
| CVE-2018-5809 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. | ||||
| CVE-2018-5808 | 2 Debian, Libraw | 2 Debian Linux, Libraw | 2024-11-21 | N/A |
| An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. | ||||
| CVE-2018-5805 | 2 Libraw, Redhat | 5 Libraw, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-21 | N/A |
| A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash. | ||||
| CVE-2018-5800 | 4 Canonical, Debian, Libraw and 1 more | 7 Ubuntu Linux, Debian Linux, Libraw and 4 more | 2024-11-21 | 6.5 Medium |
| An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. | ||||
| CVE-2018-5793 | 1 Extremewireless | 1 Wing | 2024-11-21 | N/A |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets. | ||||
| CVE-2018-5792 | 1 Extremewireless | 1 Wing | 2024-11-21 | N/A |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets. | ||||
| CVE-2018-5791 | 1 Extremewireless | 1 Wing | 2024-11-21 | N/A |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets. | ||||
| CVE-2018-5787 | 1 Extremenetworks | 1 Extremewireless Wing | 2024-11-21 | N/A |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets. | ||||
| CVE-2018-5721 | 1 Asuswrt-merlin | 1 Asuswrt-merlin | 2024-11-21 | 8.8 High |
| Stack-based buffer overflow in the ej_update_variables function in router/httpd/web.c on ASUS routers (when using software from https://github.com/RMerl/asuswrt-merlin) allows web authenticated attackers to execute code via a request that updates a setting. In ej_update_variables, the length of the variable action_script is not checked, as long as it includes a "_wan_if" substring. | ||||
| CVE-2018-5717 | 1 Ncr | 2 S2 Dispenser Controller, S2 Dispenser Controller Firmware | 2024-11-21 | N/A |
| Memory write mechanism in NCR S2 Dispenser controller before firmware version 0x0108 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. | ||||
| CVE-2018-5703 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 9.8 Critical |
| The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS. | ||||
| CVE-2018-5675 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an out-of-bounds write on a buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. | ||||
| CVE-2018-5476 | 1 Deltaww | 1 Delta Industrial Automation Dopsoft | 2024-11-21 | 7.8 High |
| A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dop or .dpb files may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2018-5475 | 1 Ge | 2 D60 Line Distance Relay, D60 Line Distance Relay Firmware | 2024-11-21 | 9.8 Critical |
| A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified, which may allow remote code execution. | ||||
| CVE-2018-5452 | 1 Emerson | 2 Controlwave Micro, Controlwave Micro Firmware | 2024-11-21 | 7.5 High |
| A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. A stack-based buffer overflow vulnerability caused by sending crafted packets on Port 20547 could force the PLC to change its state into halt mode. | ||||
| CVE-2018-5442 | 1 Fujielectric | 2 V-server Vpr, V-server Vpr Firmware | 2024-11-21 | 9.8 Critical |
| A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. | ||||
| CVE-2018-5440 | 1 3s-software | 2 Codesys Runtime System, Codesys Web Server | 2024-11-21 | 9.8 Critical |
| A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted request may cause a buffer overflow and could therefore execute arbitrary code on the web server or lead to a denial-of-service condition due to a crash in the web server. | ||||
| CVE-2018-5410 | 1 Dokan Project | 1 Dokan | 2024-11-21 | 7.8 High |
| Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update. | ||||
| CVE-2018-5388 | 3 Canonical, Debian, Strongswan | 3 Ubuntu Linux, Debian Linux, Strongswan | 2024-11-21 | N/A |
| In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. | ||||