Total
8195 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-8099 | 2 Debian, Libgit2 | 2 Debian Linux, Libgit2 | 2024-11-21 | 6.5 Medium |
| Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file. | ||||
| CVE-2018-8098 | 2 Debian, Libgit2 | 2 Debian Linux, Libgit2 | 2024-11-21 | 6.5 Medium |
| Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file. | ||||
| CVE-2018-8001 | 1 Podofo Project | 1 Podofo | 2024-11-21 | N/A |
| In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | ||||
| CVE-2018-7875 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | N/A |
| There is a heap-based buffer over-read in the getString function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack. | ||||
| CVE-2018-7871 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | N/A |
| There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact. | ||||
| CVE-2018-7868 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | N/A |
| There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack. | ||||
| CVE-2018-7858 | 4 Canonical, Opensuse, Qemu and 1 more | 11 Ubuntu Linux, Leap, Qemu and 8 more | 2024-11-21 | 5.5 Medium |
| Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. | ||||
| CVE-2018-7845 | 1 Schneider-electric | 8 Modicon M340, Modicon M340 Firmware, Modicon M580 and 5 more | 2024-11-21 | 7.5 High |
| A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of unexpected data from the controller when reading specific memory blocks in the controller over Modbus. | ||||
| CVE-2018-7843 | 1 Schneider-electric | 8 Modicon M340, Modicon M340 Firmware, Modicon M580 and 5 more | 2024-11-21 | 7.5 High |
| A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller over Modbus. | ||||
| CVE-2018-7730 | 4 Canonical, Debian, Exempi Project and 1 more | 4 Ubuntu Linux, Debian Linux, Exempi and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function. | ||||
| CVE-2018-7729 | 2 Canonical, Exempi Project | 2 Ubuntu Linux, Exempi | 2024-11-21 | N/A |
| An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp. | ||||
| CVE-2018-7728 | 3 Canonical, Debian, Exempi Project | 3 Ubuntu Linux, Debian Linux, Exempi | 2024-11-21 | N/A |
| An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp. | ||||
| CVE-2018-7641 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "32 bits colors" case, aka case 32. | ||||
| CVE-2018-7640 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a Monochrome case, aka case 1. | ||||
| CVE-2018-7639 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 bits colors" case, aka case 16. | ||||
| CVE-2018-7638 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "256 colors" case, aka case 8. | ||||
| CVE-2018-7637 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 colors" case, aka case 4. | ||||
| CVE-2018-7588 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image. | ||||
| CVE-2018-7584 | 4 Canonical, Debian, Php and 1 more | 5 Ubuntu Linux, Debian Linux, Php and 2 more | 2024-11-21 | N/A |
| In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. | ||||
| CVE-2018-7557 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 6.5 Medium |
| The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data. | ||||