Total
13223 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1083 | 4 Canonical, Debian, Redhat and 1 more | 7 Ubuntu Linux, Debian Linux, Enterprise Linux and 4 more | 2024-11-21 | N/A |
| Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation. | ||||
| CVE-2018-1068 | 4 Canonical, Debian, Linux and 1 more | 17 Ubuntu Linux, Debian Linux, Linux Kernel and 14 more | 2024-11-21 | 6.7 Medium |
| A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. | ||||
| CVE-2018-1003 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | N/A |
| A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10. | ||||
| CVE-2018-19978 | 1 Auerswald | 2 Comfortel 1200 Ip, Comfortel 1200 Ip Firmware | 2024-11-21 | N/A |
| A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device) to trigger remote code execution via a POST request (ManufacturerName parameter) to the web server on the device. The web server is running with root privileges and the injected code will also run with root privileges. | ||||
| CVE-2018-19963 | 1 Xen | 1 Xen | 2024-11-21 | N/A |
| An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled. | ||||
| CVE-2018-19891 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 10 case. | ||||
| CVE-2018-19890 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 2 case. | ||||
| CVE-2018-19889 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 6 case. | ||||
| CVE-2018-19888 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the HCB_ESC case. | ||||
| CVE-2018-19887 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 4 case. | ||||
| CVE-2018-19886 | 1 Audiocoding | 1 Freeware Advanced Audio Coder | 2024-11-21 | 5.5 Medium |
| An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 8 case. | ||||
| CVE-2018-19864 | 1 Nuuo | 1 Nvrmini2 Firmware | 2024-11-21 | N/A |
| NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device. | ||||
| CVE-2018-19862 | 1 Minishare Project | 1 Minishare | 2024-11-21 | N/A |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued. | ||||
| CVE-2018-19861 | 1 Minishare Project | 1 Minishare | 2024-11-21 | N/A |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued. | ||||
| CVE-2018-19800 | 1 Aubio | 1 Aubio | 2024-11-21 | N/A |
| aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo. | ||||
| CVE-2018-19792 | 1 Litespeedtech | 1 Openlitespeed | 2024-11-21 | N/A |
| The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving ../ characters), which is mishandled in the LshttpdMain::getServerRootFromExecutablePath function. | ||||
| CVE-2018-19587 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c mg_mqtt_add_session() function. | ||||
| CVE-2018-19568 | 1 Dcraw Project | 1 Dcraw | 2024-11-21 | N/A |
| A floating point exception in kodak_radc_load_raw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. | ||||
| CVE-2018-19567 | 1 Dcraw Project | 1 Dcraw | 2024-11-21 | N/A |
| A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code. | ||||
| CVE-2018-19528 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | N/A |
| TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp. | ||||