Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-5889 | 1 Google | 1 Android | 2018-08-27 | 4.6 MEDIUM | 7.8 HIGH |
| While processing a compressed kernel image, a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | |||||
| CVE-2018-5872 | 1 Google | 1 Android | 2018-08-27 | 8.3 HIGH | 8.0 HIGH |
| While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur. | |||||
| CVE-2017-18158 | 1 Google | 1 Android | 2018-08-27 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images. | |||||
| CVE-2017-17317 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2018-08-24 | 4.3 MEDIUM | 3.7 LOW |
| Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal. | |||||
| CVE-2017-16913 | 1 Linux | 1 Linux Kernel | 2018-08-24 | 7.1 HIGH | 5.9 MEDIUM |
| The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet. | |||||
| CVE-2018-14443 | 1 Gnu | 1 Libredwg | 2018-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV). | |||||
| CVE-2013-0657 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2018-08-21 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol. | |||||
| CVE-2018-10658 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar. | |||||
| CVE-2018-10664 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption. | |||||
| CVE-2018-10659 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction. | |||||
| CVE-2018-12982 | 1 Podofo Project | 1 Podofo | 2018-08-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file. | |||||
| CVE-2018-12916 | 1 Pbc Project | 1 Pbc | 2018-08-17 | 7.5 HIGH | 9.8 CRITICAL |
| In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcP_message_default in proto.c. | |||||
| CVE-2017-7186 | 1 Pcre | 2 Pcre, Pcre2 | 2018-08-17 | 5.0 MEDIUM | 7.5 HIGH |
| libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup. | |||||
| CVE-2017-7245 | 1 Pcre | 1 Pcre | 2018-08-17 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-7246 | 1 Pcre | 1 Pcre | 2018-08-17 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-16740 | 1 Rockwellautomation | 12 1766-l32awa, 1766-l32awa Firmware, 1766-l32awaa and 9 more | 2018-08-16 | 7.5 HIGH | 10.0 CRITICAL |
| A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. | |||||
| CVE-2018-5718 | 1 Safensoft | 3 Softcontrol Enterprise Suite, Softcontrol Syswatch, Softcontrol Tpsecure | 2018-08-14 | 5.6 MEDIUM | 7.1 HIGH |
| Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service (BSOD) or modify kernel-mode memory via loading of a forged DLL into an user-mode process. | |||||
| CVE-2017-7778 | 3 Debian, Mozilla, Sil | 5 Debian Linux, Firefox, Firefox Esr and 2 more | 2018-08-13 | 7.5 HIGH | 9.8 CRITICAL |
| A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7845 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2018-08-09 | 9.3 HIGH | 8.8 HIGH |
| A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2. | |||||
| CVE-2017-7824 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2018-08-09 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4. | |||||