Export limit exceeded: 43465 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43465 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20340 | 2 Debian, Yubico | 2 Debian Linux, Libu2f-host | 2024-11-21 | N/A |
| Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is currently in use. It is not possible to perform this attack with a genuine YubiKey. | ||||
| CVE-2018-20337 | 2 Libraw, Redhat | 2 Libraw, Enterprise Linux | 2024-11-21 | N/A |
| There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact. | ||||
| CVE-2018-20336 | 1 Asus | 2 Asuswrt-merlin, Rt-ac68u | 2024-11-21 | 7.5 High |
| An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak. | ||||
| CVE-2018-20331 | 1 Antiy | 1 Anti Virus Lab Atool | 2024-11-21 | N/A |
| Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the ssdt.sys kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation. A failed exploit could lead to denial of service. | ||||
| CVE-2018-20330 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-11-21 | N/A |
| The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench. | ||||
| CVE-2018-20316 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode. | ||||
| CVE-2018-20314 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||
| CVE-2018-20313 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||
| CVE-2018-20312 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode. | ||||
| CVE-2018-20311 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||
| CVE-2018-20310 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||
| CVE-2018-20309 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||
| CVE-2018-20304 | 1 Libexcel Project | 1 Libexcel | 2024-11-21 | N/A |
| wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long second argument. NOTE: this is not a Microsoft product. | ||||
| CVE-2018-20299 | 1 Bosch | 4 360-indoor Camera, 360-indoor Camera Firmware, Eyes Outdoor Camera and 1 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server. | ||||
| CVE-2018-20249 | 1 Foxitsoftware | 1 Quick Pdf Library | 2024-11-21 | N/A |
| In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access. | ||||
| CVE-2018-20248 | 1 Foxitsoftware | 1 Quick Pdf Library | 2024-11-21 | N/A |
| In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access. | ||||
| CVE-2018-20247 | 1 Foxitsoftware | 1 Quick Pdf Library | 2024-11-21 | 7.8 High |
| In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow. | ||||
| CVE-2018-20213 | 1 Libexcel Project | 1 Libexcel | 2024-11-21 | N/A |
| wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long name. NOTE: this is not a Microsoft product. | ||||
| CVE-2018-20201 | 1 Pur3 | 1 Espruino | 2024-11-21 | N/A |
| There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file. | ||||
| CVE-2018-20185 | 3 Canonical, Debian, Graphicsmagick | 3 Ubuntu Linux, Debian Linux, Graphicsmagick | 2024-11-21 | 5.3 Medium |
| In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. | ||||