Total
13235 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-3565 | 1 Google | 1 Android | 2024-11-21 | N/A |
| While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur. | ||||
| CVE-2018-3562 | 1 Google | 1 Android | 2024-11-21 | N/A |
| Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | ||||
| CVE-2018-2386 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53. | ||||
| CVE-2018-21052 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018). | ||||
| CVE-2018-21027 | 1 Boa | 1 Boa | 2024-11-21 | 9.8 Critical |
| Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-memory (OOM) condition because malloc is mishandled. | ||||
| CVE-2018-21000 | 1 Safe-transmute Project | 1 Safe-transmute | 2024-11-21 | N/A |
| An issue was discovered in the safe-transmute crate before 0.10.1 for Rust. A constructor's arguments are in the wrong order, causing heap memory corruption. | ||||
| CVE-2018-20998 | 1 Arrayfire | 1 Arrayfire | 2024-11-21 | N/A |
| An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr() attribute to an enum is mishandled, leading to memory corruption. | ||||
| CVE-2018-20995 | 1 Slice-deque Project | 1 Slice-deque | 2024-11-21 | N/A |
| An issue was discovered in the slice-deque crate before 0.1.16 for Rust. move_head_unchecked allows memory corruption because deque updates are mishandled. | ||||
| CVE-2018-20961 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 9.8 Critical |
| In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2018-20856 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. | ||||
| CVE-2018-20855 | 3 Linux, Netapp, Opensuse | 6 Linux Kernel, Active Iq Performance Analytics Services, Active Iq Unified Manager and 3 more | 2024-11-21 | 3.3 Low |
| An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. | ||||
| CVE-2018-20854 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. | ||||
| CVE-2018-20818 | 1 Openplcproject | 4 Openplc V2, Openplc V2 Firmware, Openplc V3 and 1 more | 2024-11-21 | N/A |
| A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which can cause a runtime crash of the PLC or possibly have unspecified other impact. | ||||
| CVE-2018-20817 | 1 Activision | 1 Call Of Duty\ | 2024-11-21 | N/A |
| SV_SteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine when sending a steam authentication request. This affects Call of Duty: Modern Warfare 2, Call of Duty: Modern Warfare 3, Call of Duty: Ghosts, Call of Duty: Advanced Warfare, Call of Duty: Black Ops 1, and Call of Duty: Black Ops 2. | ||||
| CVE-2018-20815 | 2 Qemu, Redhat | 4 Qemu, Enterprise Linux, Openstack and 1 more | 2024-11-21 | N/A |
| In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk. | ||||
| CVE-2018-20797 | 1 Podofo Project | 1 Podofo | 2024-11-21 | N/A |
| An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp. | ||||
| CVE-2018-20762 | 3 Canonical, Debian, Gpac Project | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
| GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames. | ||||
| CVE-2018-20761 | 3 Canonical, Debian, Gpac Project | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
| GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a. | ||||
| CVE-2018-20642 | 1 Entrepreneur Job Portal Script Project | 1 Entrepreneur Job Portal Script | 2024-11-21 | N/A |
| PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field. | ||||
| CVE-2018-20637 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | N/A |
| PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field. | ||||