Total
13317 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5718 | 1 Safensoft | 3 Softcontrol Enterprise Suite, Softcontrol Syswatch, Softcontrol Tpsecure | 2024-11-21 | N/A |
| Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service (BSOD) or modify kernel-mode memory via loading of a forged DLL into an user-mode process. | ||||
| CVE-2018-5701 | 1 Iolo | 1 System Shield | 2024-11-21 | N/A |
| In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003. | ||||
| CVE-2018-5684 | 1 Libav | 1 Libav | 2024-11-21 | N/A |
| In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file. | ||||
| CVE-2018-5678 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5674 and CVE-2018-5676. | ||||
| CVE-2018-5676 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5674 and CVE-2018-5678. | ||||
| CVE-2018-5674 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5676 and CVE-2018-5678. | ||||
| CVE-2018-5473 | 1 Ge | 2 D60 Line Distance Relay, D60 Line Distance Relay Firmware | 2024-11-21 | 9.8 Critical |
| An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device. | ||||
| CVE-2018-5463 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | N/A |
| A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA 4.1.0.3391 and earlier may allow code execution. | ||||
| CVE-2018-5453 | 1 Moxa | 8 Oncell G3110-hspa, Oncell G3110-hspa-t, Oncell G3110-hspa-t Firmware and 5 more | 2024-11-21 | N/A |
| An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker may be able to edit the element of an HTTP request, causing the device to become unavailable. | ||||
| CVE-2018-5388 | 3 Canonical, Debian, Strongswan | 3 Ubuntu Linux, Debian Linux, Strongswan | 2024-11-21 | N/A |
| In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. | ||||
| CVE-2018-5378 | 3 Canonical, Debian, Quagga | 3 Ubuntu Linux, Debian Linux, Quagga | 2024-11-21 | N/A |
| The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash. | ||||
| CVE-2018-5359 | 1 Flexense | 1 Sysgauge | 2024-11-21 | N/A |
| The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow. | ||||
| CVE-2018-5336 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth. | ||||
| CVE-2018-5335 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length. | ||||
| CVE-2018-5334 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks. | ||||
| CVE-2018-5244 | 1 Xen | 1 Xen | 2024-11-21 | N/A |
| In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of service (host OS memory consumption) by rebooting many times. | ||||
| CVE-2018-5221 | 1 Barcodewiz | 1 Barcode Activex Control | 2024-11-21 | N/A |
| Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX control (BarcodeWiz.DLL) allow remote attackers to execute arbitrary code via a long argument to the (1) BottomText or (2) TopText property. | ||||
| CVE-2018-5208 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | N/A |
| In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | ||||
| CVE-2018-5200 | 1 Pandora | 1 Kmplayer | 2024-11-21 | 7.8 High |
| KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted FLV format file. The problem is that more frame data is copied to heap memory than the size specified in the frame header. This results in a memory corruption and remote code execution. | ||||
| CVE-2018-5195 | 1 Hancom | 1 Thinkfree Office Neo | 2024-11-21 | N/A |
| Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when performing the hyperlink Attributes in document. | ||||