Export limit exceeded: 41752 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (41752 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14645 | 3 Canonical, Haproxy, Redhat | 6 Ubuntu Linux, Haproxy, Enterprise Linux and 3 more | 2024-11-21 | N/A |
| A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service. | ||||
| CVE-2018-14633 | 4 Canonical, Debian, Linux and 1 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2024-11-21 | 7.0 High |
| A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable. | ||||
| CVE-2018-14618 | 4 Canonical, Debian, Haxx and 1 more | 6 Ubuntu Linux, Debian Linux, Libcurl and 3 more | 2024-11-21 | N/A |
| curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.) | ||||
| CVE-2018-14615 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative. | ||||
| CVE-2018-14610 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c. | ||||
| CVE-2018-14599 | 5 Canonical, Debian, Fedoraproject and 2 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. | ||||
| CVE-2018-14590 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. | ||||
| CVE-2018-14589 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read. | ||||
| CVE-2018-14587 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read. | ||||
| CVE-2018-14586 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532. | ||||
| CVE-2018-14585 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class. | ||||
| CVE-2018-14584 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read. | ||||
| CVE-2018-14576 | 1 Suncontract | 1 Suncontract | 2024-11-21 | 7.5 High |
| The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the _amount variable. | ||||
| CVE-2018-14565 | 1 Thunlp | 1 Thulac | 2024-11-21 | N/A |
| An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h. | ||||
| CVE-2018-14564 | 1 Thunlp | 1 Thulac | 2024-11-21 | N/A |
| An issue was discovered in libthulac.so in THULAC through 2018-02-25. A SEGV can occur in NGramFeature::find_bases in include/cb_ngram_feature.h. | ||||
| CVE-2018-14563 | 1 Thunlp | 1 Thulac | 2024-11-21 | N/A |
| An issue was discovered in libthulac.so in THULAC through 2018-02-25. "operator delete" is used with "operator new[]" in the TaggingLearner class in include/cb_tagging_learner.h, possibly leading to memory corruption. | ||||
| CVE-2018-14559 | 1 Tenda | 6 Ac10, Ac10 Firmware, Ac7 and 3 more | 2024-11-21 | N/A |
| An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the list parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. | ||||
| CVE-2018-14557 | 1 Tenda | 6 Ac10, Ac10 Firmware, Ac7 and 3 more | 2024-11-21 | N/A |
| An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the page parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, a causing buffer overflow. | ||||
| CVE-2018-14553 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 7.5 High |
| gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). | ||||
| CVE-2018-14550 | 3 Libpng, Netapp, Oracle | 5 Libpng, Active Iq Unified Manager, Oncommand Api Services and 2 more | 2024-11-21 | 8.8 High |
| An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png. | ||||