Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1000886 | 1 Nasm | 1 Netwide Assembler | 2019-02-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file. | |||||
| CVE-2018-19792 | 1 Litespeedtech | 1 Openlitespeed | 2019-01-31 | 4.6 MEDIUM | 6.7 MEDIUM |
| The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving ../ characters), which is mishandled in the LshttpdMain::getServerRootFromExecutablePath function. | |||||
| CVE-2015-1140 | 1 Apple | 1 Mac Os X | 2019-01-31 | 7.2 HIGH | N/A |
| Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2018-19587 | 1 Cesanta | 1 Mongoose | 2019-01-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c mg_mqtt_add_session() function. | |||||
| CVE-2018-20304 | 1 Libexcel Project | 1 Libexcel | 2019-01-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long second argument. NOTE: this is not a Microsoft product. | |||||
| CVE-2018-18732 | 1 Tenda | 10 Ac10, Ac10 Firmware, Ac15 and 7 more | 2019-01-29 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. | |||||
| CVE-2018-18731 | 1 Tenda | 10 Ac10, Ac10 Firmware, Ac15 and 7 more | 2019-01-29 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac' parameter for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. | |||||
| CVE-2018-15497 | 1 Mitel | 2 Mivoice 5330e, Mivoice 5330e Firmware | 2019-01-25 | 10.0 HIGH | 9.8 CRITICAL |
| The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet handling functionality. An attacker can exploit this issue remotely, by sending a particular pattern of SIP/SDP packets, to cause a denial of service state in the affected devices and probably remote code execution. | |||||
| CVE-2018-11279 | 1 Qualcomm | 92 Mdm9206, Mdm9206 Firmware, Mdm9607 and 89 more | 2019-01-25 | 8.3 HIGH | 8.8 HIGH |
| Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2018-5881 | 1 Qualcomm | 32 Mdm9206, Mdm9206 Firmware, Mdm9607 and 29 more | 2019-01-24 | 8.3 HIGH | 8.8 HIGH |
| Improper validation of buffer length checks in the lwm2m device management protocol can leads to a buffer overflow in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660 | |||||
| CVE-2018-5880 | 1 Qualcomm | 32 Mdm9206, Mdm9206 Firmware, Mdm9607 and 29 more | 2019-01-24 | 7.2 HIGH | 7.8 HIGH |
| Improper data length check while processing an event report indication can lead to a buffer overflow in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660 | |||||
| CVE-2018-5868 | 1 Qualcomm | 32 Msm8996au, Msm8996au Firmware, Sd 425 and 29 more | 2019-01-24 | 7.2 HIGH | 7.8 HIGH |
| Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130 | |||||
| CVE-2018-5867 | 1 Qualcomm | 76 Mdm9206, Mdm9206 Firmware, Mdm9607 and 73 more | 2019-01-24 | 7.2 HIGH | 7.8 HIGH |
| Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2018-4281 | 1 Apple | 1 Swiftnio | 2019-01-24 | 7.5 HIGH | 9.8 CRITICAL |
| In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation. | |||||
| CVE-2017-6462 | 1 Ntp | 1 Ntp | 2019-01-24 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device. | |||||
| CVE-2018-5866 | 1 Qualcomm | 32 Mdm9206, Mdm9206 Firmware, Mdm9607 and 29 more | 2019-01-23 | 7.2 HIGH | 7.8 HIGH |
| While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660. | |||||
| CVE-2018-4404 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-01-23 | 9.3 HIGH | 7.8 HIGH |
| In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling. | |||||
| CVE-2018-4330 | 1 Apple | 1 Iphone Os | 2019-01-23 | 9.3 HIGH | 7.8 HIGH |
| In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. | |||||
| CVE-2018-18820 | 2 Debian, Xiph | 2 Debian Linux, Icecast | 2019-01-23 | 6.8 MEDIUM | 8.1 HIGH |
| A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution. | |||||
| CVE-2016-7576 | 1 Apple | 1 Iphone Os | 2019-01-17 | 9.3 HIGH | 7.8 HIGH |
| In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. | |||||
| CVE-2018-4147 | 2 Apple, Microsoft | 5 Icloud, Iphone Os, Itunes and 2 more | 2019-01-17 | 6.8 MEDIUM | 9.8 CRITICAL |
| In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. | |||||
| CVE-2018-4189 | 1 Apple | 4 Apple Tv, Iphone Os, Mac Os X and 1 more | 2019-01-17 | 10.0 HIGH | 9.8 CRITICAL |
| In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling. | |||||
| CVE-2018-12326 | 1 Redislabs | 1 Redis | 2019-01-17 | 4.6 MEDIUM | 8.4 HIGH |
| Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source. | |||||
| CVE-2018-0640 | 1 Nec | 2 Aterm Hc100rc, Aterm Hc100rc Firmware | 2019-01-16 | 6.5 MEDIUM | 7.2 HIGH |
| Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter. | |||||
| CVE-2018-0641 | 1 Nec | 2 Aterm Hc100rc, Aterm Hc100rc Firmware | 2019-01-16 | 6.5 MEDIUM | 7.2 HIGH |
| Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter. | |||||
| CVE-2018-0632 | 1 Nec | 2 Aterm W300p, Aterm W300p Firmware | 2019-01-16 | 6.5 MEDIUM | 7.2 HIGH |
| Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via HTTP request and response. | |||||
| CVE-2018-0633 | 1 Nec | 2 Aterm W300p, Aterm W300p Firmware | 2019-01-16 | 6.5 MEDIUM | 7.2 HIGH |
| Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via submit-url parameter. | |||||
| CVE-2018-19150 | 1 Pdfforge | 1 Pdf Architect | 2019-01-16 | 6.8 MEDIUM | 7.8 HIGH |
| Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue. | |||||
| CVE-2018-4257 | 1 Apple | 1 Mac Os X | 2019-01-16 | 10.0 HIGH | 9.8 CRITICAL |
| In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation. | |||||
| CVE-2018-4258 | 1 Apple | 1 Mac Os X | 2019-01-16 | 10.0 HIGH | 9.8 CRITICAL |
| In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved bounds checking. | |||||
| CVE-2018-17470 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2019-01-15 | 4.3 MEDIUM | 7.4 HIGH |
| A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2018-19240 | 1 Trendnet | 4 Tv-ip110wn, Tv-ip110wn Firmware, Tv-ip121wn and 1 more | 2019-01-14 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication). | |||||
| CVE-2018-19241 | 1 Trendnet | 4 Tv-ip110wn, Tv-ip110wn Firmware, Tv-ip121wn and 1 more | 2019-01-14 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication). | |||||
| CVE-2018-19242 | 1 Trendnet | 4 Tew-632brp, Tew-632brp Firmware, Tew-673gru and 1 more | 2019-01-14 | 6.5 MEDIUM | 8.8 HIGH |
| Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication). | |||||
| CVE-2018-18759 | 1 Modbustools | 1 Modbus Slave | 2019-01-14 | 5.0 MEDIUM | 7.5 HIGH |
| Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow. | |||||
| CVE-2018-7796 | 1 Schneider-electric | 1 Powersuite 2 | 2019-01-11 | 6.8 MEDIUM | 6.3 MEDIUM |
| A Buffer Error vulnerability exists in PowerSuite 2, all released versions (VW3A8104 & Patches), which could cause an overflow in the memcpy function, leading to corruption of data and program instability. | |||||
| CVE-2018-20542 | 1 Libxsmm Project | 1 Libxsmm | 2019-01-11 | 6.8 MEDIUM | 8.8 HIGH |
| There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 (which is in a different part of the source code and is seen at a different address). | |||||
| CVE-2018-20213 | 1 Libexcel Project | 1 Libexcel | 2019-01-10 | 5.0 MEDIUM | 7.5 HIGH |
| wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long name. NOTE: this is not a Microsoft product. | |||||
| CVE-2018-20574 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2019-01-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | |||||
| CVE-2018-20573 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2019-01-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | |||||
| CVE-2017-18329 | 1 Qualcomm | 74 Mdm9615, Mdm9615 Firmware, Mdm9625 and 71 more | 2019-01-10 | 7.2 HIGH | 7.8 HIGH |
| Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2018-11961 | 1 Google | 1 Android | 2019-01-09 | 7.2 HIGH | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations. | |||||
| CVE-2018-11986 | 1 Google | 1 Android | 2019-01-09 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver. | |||||
| CVE-2018-19862 | 1 Minishare Project | 1 Minishare | 2019-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued. | |||||
| CVE-2018-19861 | 1 Minishare Project | 1 Minishare | 2019-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued. | |||||
| CVE-2018-14852 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2019-01-08 | 5.8 MEDIUM | 6.3 MEDIUM |
| Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware. | |||||
| CVE-2018-14854 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2019-01-08 | 5.8 MEDIUM | 6.3 MEDIUM |
| Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785. | |||||
| CVE-2018-14855 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2019-01-08 | 5.8 MEDIUM | 6.3 MEDIUM |
| Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785. | |||||
| CVE-2018-14856 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2019-01-08 | 5.8 MEDIUM | 6.3 MEDIUM |
| Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785. | |||||
| CVE-2017-14767 | 1 Ffmpeg | 1 Ffmpeg | 2019-01-08 | 6.8 MEDIUM | 8.8 HIGH |
| The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file. | |||||