ReportizFlow
Filtered by vendor
Subscriptions
Total
211 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14680 | 5 Cabextract, Cabextract Project, Canonical and 2 more | 9 Libmspack, Cabextract, Ubuntu Linux and 6 more | 2024-11-21 | N/A |
| An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. | ||||
| CVE-2018-14679 | 5 Cabextract, Cabextract Project, Canonical and 2 more | 9 Libmspack, Cabextract, Ubuntu Linux and 6 more | 2024-11-21 | N/A |
| An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash). | ||||
| CVE-2018-14599 | 5 Canonical, Debian, Fedoraproject and 2 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. | ||||
| CVE-2017-2618 | 3 Debian, Linux, Redhat | 10 Debian Linux, Linux Kernel, Enterprise Linux and 7 more | 2024-11-21 | N/A |
| A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. | ||||
| CVE-2017-1000416 | 1 Axtls Project | 1 Axtls | 2024-11-21 | N/A |
| axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050. | ||||
| CVE-2015-0841 | 1 Monopd Project | 1 Monopd | 2024-11-21 | 7.5 High |
| Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line. | ||||
| CVE-2014-8182 | 3 Debian, Openldap, Redhat | 3 Debian Linux, Openldap, Enterprise Linux | 2024-11-21 | 7.5 High |
| An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses. | ||||
| CVE-2010-5331 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user-controllable where it is used | ||||
| CVE-2024-45796 | 1 Oisf | 1 Suricata | 2024-10-22 | 5.3 Medium |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This issue has been addressed in 7.0.7. | ||||
| CVE-2024-36136 | 1 Ivanti | 1 Avalanche | 2024-08-15 | 7.5 High |
| An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS. | ||||
| CVE-2020-26159 | 2023-11-07 | 8.6 High | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Further investigation showed that it was not a security issue. Notes: none | ||||