Total
7835 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11503 | 2 Debian, Discount Project | 2 Debian Linux, Discount | 2024-11-21 | N/A |
| The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | ||||
| CVE-2018-11468 | 2 Debian, Discount Project | 2 Debian Linux, Discount | 2024-11-21 | N/A |
| The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | ||||
| CVE-2018-11465 | 1 Siemens | 10 Sinumerik 808d V4.7, Sinumerik 808d V4.7 Firmware, Sinumerik 808d V4.8 and 7 more | 2024-11-21 | N/A |
| A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). A local attacker could use ioctl calls to do out of bounds reads, arbitrary writes, or execute code in kernel mode. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. | ||||
| CVE-2018-11439 | 3 Debian, Redhat, Taglib | 3 Debian Linux, Enterprise Linux, Taglib | 2024-11-21 | 6.5 Medium |
| The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | ||||
| CVE-2018-11436 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | N/A |
| The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | ||||
| CVE-2018-11434 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | N/A |
| The buffer_fill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | ||||
| CVE-2018-11433 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | N/A |
| The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | ||||
| CVE-2018-11432 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | N/A |
| The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | ||||
| CVE-2018-11419 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | N/A |
| An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c. | ||||
| CVE-2018-11418 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | N/A |
| An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c. | ||||
| CVE-2018-11384 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | ||||
| CVE-2018-11382 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11381 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11380 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file. | ||||
| CVE-2018-11379 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file. | ||||
| CVE-2018-11377 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11376 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | ||||
| CVE-2018-11375 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11363 | 1 Pdfgen | 1 Pdfgen | 2024-11-21 | N/A |
| jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read. | ||||
| CVE-2018-11362 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. | ||||