Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-4928 | 3 Adobe, Apple, Microsoft | 3 Indesign, Mac Os X, Windows | 2018-06-22 | 9.3 HIGH | 7.8 HIGH |
| Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-10731 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2018-06-20 | 9.3 HIGH | 9.0 CRITICAL |
| All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE-2018-10728). | |||||
| CVE-2018-10728 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2018-06-20 | 6.8 MEDIUM | 8.1 HIGH |
| All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731). | |||||
| CVE-2018-11226 | 1 Libming | 1 Libming | 2018-06-20 | 6.8 MEDIUM | 8.8 HIGH |
| The getString function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | |||||
| CVE-2017-15670 | 1 Gnu | 1 Glibc | 2018-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | |||||
| CVE-2018-3661 | 1 Intel | 2 Selview, Syscfg | 2018-06-19 | 2.1 LOW | 5.5 MEDIUM |
| Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service. | |||||
| CVE-2018-11033 | 1 Xpdfreader | 1 Xpdf | 2018-06-19 | 6.8 MEDIUM | 7.8 HIGH |
| The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data. | |||||
| CVE-2018-3568 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur. | |||||
| CVE-2018-5827 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event. | |||||
| CVE-2018-3567 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages. | |||||
| CVE-2017-15855 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow. | |||||
| CVE-2018-10996 | 1 D-link | 2 Dir-629-b, Dir-629-b Firmware | 2018-06-18 | 10.0 HIGH | 9.8 CRITICAL |
| The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. | |||||
| CVE-2017-12942 | 1 Rarlab | 1 Unrar | 2018-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. | |||||
| CVE-2018-10655 | 1 Devicelock | 1 Plug And Play Auditor | 2018-06-14 | 6.8 MEDIUM | 7.8 HIGH |
| DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH). | |||||
| CVE-2017-14682 | 1 Imagemagick | 1 Imagemagick | 2018-06-14 | 6.8 MEDIUM | 8.8 HIGH |
| GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928. | |||||
| CVE-2017-13758 | 1 Imagemagick | 1 Imagemagick | 2018-06-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c. | |||||
| CVE-2017-14224 | 1 Imagemagick | 1 Imagemagick | 2018-06-14 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file. | |||||
| CVE-2017-12983 | 1 Imagemagick | 1 Imagemagick | 2018-06-14 | 6.8 MEDIUM | 8.8 HIGH |
| Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-11640 | 1 Imagemagick | 1 Imagemagick | 2018-06-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c. | |||||
| CVE-2018-6242 | 1 Nvidia | 2 Tegra Bootrom Rcm, Tegra Mobile Processor | 2018-06-13 | 7.2 HIGH | 6.8 MEDIUM |
| Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code. | |||||