Export limit exceeded: 20505 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20505 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-4194 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | N/A |
| In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | ||||
| CVE-2018-4169 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation. | ||||
| CVE-2018-4160 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app. | ||||
| CVE-2018-4136 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app. | ||||
| CVE-2018-3971 | 1 Sophos | 1 Hitmanpro.alert | 2024-11-21 | 7.8 High |
| An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability. | ||||
| CVE-2018-3956 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 7.1 High |
| An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitation when coupled with another vulnerability. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | ||||
| CVE-2018-3899 | 1 Yitechnology | 2 Yi Home Camera, Yi Home Camera Firmware | 2024-11-21 | 7.5 High |
| An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer of size 0x104, which is more than enough to overflow the return address from the password_dst field | ||||
| CVE-2018-3898 | 1 Yitechnology | 2 Yi Home Camera, Yi Home Camera Firmware | 2024-11-21 | 7.5 High |
| An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer of size 0x104, which is more than enough to overflow the return address from the ssid_dst field. | ||||
| CVE-2018-3897 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-11-21 | 8.8 High |
| An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "callbackUrl" value in order to exploit this vulnerability. | ||||
| CVE-2018-3896 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-11-21 | 8.8 High |
| An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "correlationId" value in order to exploit this vulnerability. | ||||
| CVE-2018-3895 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-11-21 | 8.8 High |
| An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2018-3894 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-11-21 | 8.8 High |
| An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "startTime" value in order to exploit this vulnerability. | ||||
| CVE-2018-3892 | 1 Yitechnology | 2 Yi Home Camera, Yi Home Camera Firmware | 2024-11-21 | 8.1 High |
| An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability. | ||||
| CVE-2018-3876 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-11-21 | 8.8 High |
| An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket" value in order to exploit this vulnerability. | ||||
| CVE-2018-3865 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-11-21 | 8.8 High |
| An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "cameraIp" value in order to exploit this vulnerability. | ||||
| CVE-2018-3864 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2024-11-21 | 8.8 High |
| An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability. | ||||
| CVE-2018-3858 | 1 Acdsystems | 1 Canvas Draw | 2024-11-21 | 7.8 High |
| An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3857. | ||||
| CVE-2018-3857 | 1 Acdsystems | 1 Canvas Draw | 2024-11-21 | 7.8 High |
| An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3858. | ||||
| CVE-2018-3849 | 2 Fedoraproject, Nasa | 2 Fedora, Cfitsio | 2024-11-21 | 8.8 High |
| In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution. | ||||
| CVE-2018-3848 | 2 Fedoraproject, Nasa | 2 Fedora, Cfitsio | 2024-11-21 | 8.8 High |
| In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution. | ||||