Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11876 | 1 Qualcomm | 8 Sd 835, Sd 835 Firmware, Sd 845 and 5 more | 2019-04-03 | 7.2 HIGH | 7.8 HIGH |
| Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||||
| CVE-2018-11877 | 1 Qualcomm | 8 Sd 835, Sd 835 Firmware, Sd 845 and 5 more | 2019-04-03 | 7.2 HIGH | 7.8 HIGH |
| When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||||
| CVE-2018-15840 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2019-04-02 | 5.0 MEDIUM | 7.5 HIGH |
| TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f" command. | |||||
| CVE-2018-18501 | 4 Canonical, Debian, Mozilla and 1 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2019-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65. | |||||
| CVE-2018-14745 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2019-04-01 | 5.8 MEDIUM | 8.8 HIGH |
| Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029. | |||||
| CVE-2019-10060 | 1 Verifone | 1 Verix Multi-app Conductor | 2019-03-28 | 6.8 MEDIUM | 8.1 HIGH |
| The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability. | |||||
| CVE-2017-11111 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2019-03-28 | 6.8 MEDIUM | 7.8 HIGH |
| In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2018-15814 | 1 Faststone | 1 Image Viewer | 2019-03-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000001cb509 via a crafted image file. | |||||
| CVE-2018-15813 | 1 Faststone | 1 Image Viewer | 2019-03-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000000e1237 via a crafted image file. | |||||
| CVE-2018-15816 | 1 Faststone | 1 Image Viewer | 2019-03-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d7d via a crafted image file. | |||||
| CVE-2018-20642 | 1 Entrepreneur Job Portal Script Project | 1 Entrepreneur Job Portal Script | 2019-03-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field. | |||||
| CVE-2018-15817 | 1 Faststone | 1 Image Viewer | 2019-03-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d63 via a crafted image file. | |||||
| CVE-2017-8594 | 1 Microsoft | 4 Internet Explorer, Windows 8.1, Windows Rt 8.1 and 1 more | 2019-03-26 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". | |||||
| CVE-2016-1762 | 6 Apple, Canonical, Debian and 3 more | 15 Iphone Os, Mac Os X, Safari and 12 more | 2019-03-26 | 5.8 MEDIUM | 8.1 HIGH |
| The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | |||||
| CVE-2017-17811 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2019-03-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111. | |||||
| CVE-2019-9968 | 2 Microsoft, Xnview | 2 Windows, Xnview Classic | 2019-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlQueueWorkItem. | |||||
| CVE-2019-9969 | 2 Microsoft, Xnview | 2 Windows, Xnview Classic | 2019-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to xnview+0x385399. | |||||
| CVE-2019-9967 | 2 Microsoft, Xnview | 2 Windows, Xnview Classic | 2019-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlPrefixUnicodeString. | |||||
| CVE-2019-9966 | 2 Microsoft, Xnview | 2 Windows, Xnview Classic | 2019-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to xnview+0x38536c. | |||||
| CVE-2019-9964 | 2 Microsoft, Xnview | 2 Windows, Xnview Mp | 2019-03-25 | 6.8 MEDIUM | 7.8 HIGH |
| XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlpNtMakeTemporaryKey. | |||||