ReportizFlow
Filtered by vendor
Subscriptions
Total
12325 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-12601 | 2 Debian, Sam2p Project | 2 Debian Linux, Sam2p | 2024-11-21 | N/A |
| There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact. | ||||
| CVE-2018-12600 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. | ||||
| CVE-2018-12599 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. | ||||
| CVE-2018-12578 | 1 Sam2p Project | 1 Sam2p | 2024-11-21 | N/A |
| There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact. | ||||
| CVE-2018-12447 | 1 Libbpg Project | 1 Libbpg | 2024-11-21 | N/A |
| The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution. | ||||
| CVE-2018-12406 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-11-21 | N/A |
| Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64. | ||||
| CVE-2018-12393 | 4 Canonical, Debian, Mozilla and 1 more | 12 Ubuntu Linux, Debian Linux, Firefox and 9 more | 2024-11-21 | N/A |
| A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. | ||||
| CVE-2018-12386 | 4 Canonical, Debian, Mozilla and 1 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2024-11-21 | N/A |
| A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3. | ||||
| CVE-2018-12379 | 3 Debian, Mozilla, Redhat | 11 Debian Linux, Firefox, Firefox Esr and 8 more | 2024-11-21 | N/A |
| When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. | ||||
| CVE-2018-12327 | 2 Ntp, Redhat | 3 Ntp, Enterprise Linux, Rhel Eus | 2024-11-21 | N/A |
| Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source. | ||||
| CVE-2018-12293 | 3 Canonical, Webkitgtk, Wpewebkit | 3 Ubuntu Linux, Webkitgtk\+, Wpe Webkit | 2024-11-21 | N/A |
| The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content. | ||||
| CVE-2018-12183 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | N/A |
| Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | ||||
| CVE-2018-12181 | 2 Redhat, Tianocore | 2 Enterprise Linux, Edk Ii | 2024-11-21 | N/A |
| Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access. | ||||
| CVE-2018-12180 | 3 Opensuse, Redhat, Tianocore | 3 Leap, Enterprise Linux, Edk Ii | 2024-11-21 | N/A |
| Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. | ||||
| CVE-2018-12178 | 1 Tianocore | 1 Edk Ii | 2024-11-21 | N/A |
| Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network. | ||||
| CVE-2018-12174 | 1 Intel | 1 Parallel Studio Xe | 2024-11-21 | N/A |
| Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access. | ||||
| CVE-2018-12115 | 2 Nodejs, Redhat | 5 Node.js, Openshift, Openshift Application Runtimes and 2 more | 2024-11-21 | N/A |
| In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written. | ||||
| CVE-2018-12109 | 1 Flif | 1 Flif | 2024-11-21 | N/A |
| An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC<FileIO>::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PAM image file. | ||||
| CVE-2018-12086 | 2 Debian, Opcfoundation | 5 Debian Linux, Unified Architecture-.net-legacy, Unified Architecture-java and 2 more | 2024-11-21 | N/A |
| Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. | ||||
| CVE-2018-12085 | 4 Canonical, Liblouis, Opensuse and 1 more | 4 Ubuntu Linux, Liblouis, Leap and 1 more | 2024-11-21 | N/A |
| Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. | ||||