Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9092 | 3 Canonical, Fedoraproject, Libjpeg-turbo | 3 Ubuntu Linux, Fedora, Libjpeg-turbo | 2018-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker. | |||||
| CVE-2017-10602 | 1 Juniper | 1 Junos | 2018-07-12 | 7.2 HIGH | 7.8 HIGH |
| A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9, 14.2R6; 15.1 versions prior to 15.1F5, 15.1R3; 15.1X49 versions prior to 15.1X49-D40 on SRX Series; 15.1X53 versions prior to 15.1X53-D47 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D65 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200. | |||||
| CVE-2016-10253 | 1 Erlang | 1 Erlang\/otp | 2018-07-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the erts_alloc arena to be both read and written to. | |||||
| CVE-2015-7243 | 1 Boxoft | 1 Boxoft Wav To Mp3 Converter | 2018-07-06 | 7.5 HIGH | N/A |
| Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file. | |||||
| CVE-2018-11498 | 1 Lizard Project | 2 Lizard, Lz5 | 2018-07-05 | 6.8 MEDIUM | 7.8 HIGH |
| In Lizard v1.0 and LZ5 v2.0 (the prior release, before the product was renamed), there is an unchecked buffer size during a memcpy in the Lizard_decompress_LIZv1 function (lib/lizard_decompress_liz.h). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted input file, as well as achieve remote code execution. | |||||
| CVE-2018-11707 | 1 Faststone | 1 Image Viewer | 2018-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |||||
| CVE-2018-11706 | 1 Faststone | 1 Image Viewer | 2018-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |||||
| CVE-2018-11705 | 1 Faststone | 1 Image Viewer | 2018-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |||||
| CVE-2018-11703 | 1 Faststone | 1 Image Viewer | 2018-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |||||
| CVE-2018-11704 | 1 Faststone | 1 Image Viewer | 2018-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |||||
| CVE-2018-11702 | 1 Faststone | 1 Image Viewer | 2018-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |||||
| CVE-2018-11701 | 1 Faststone | 1 Image Viewer | 2018-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |||||
| CVE-2017-12824 | 1 Inpage | 1 Inpage | 2018-06-29 | 6.8 MEDIUM | 7.8 HIGH |
| Special crafted InPage document leads to arbitrary code execution in InPage reader. | |||||
| CVE-2018-11378 | 1 Radare | 1 Radare2 | 2018-06-28 | 6.8 MEDIUM | 7.8 HIGH |
| The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file. | |||||
| CVE-2017-7827 | 1 Mozilla | 1 Firefox | 2018-06-25 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57. | |||||
| CVE-2018-5094 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-06-25 | 5.0 MEDIUM | 7.5 HIGH |
| A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58. | |||||
| CVE-2018-5093 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-06-25 | 5.0 MEDIUM | 7.5 HIGH |
| A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58. | |||||
| CVE-2018-5090 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-06-25 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 58. | |||||
| CVE-2018-11225 | 1 Libming | 1 Libming | 2018-06-25 | 6.8 MEDIUM | 8.8 HIGH |
| The dcputs function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-11224 | 1 Libav | 1 Libav | 2018-06-25 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Libav 12.3. A read access violation in the in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. | |||||