Export limit exceeded: 10057 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20501 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20501 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20468 | 1 Sahipro | 1 Sahi Pro | 2024-11-21 | N/A |
| An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution. | ||||
| CVE-2018-20461 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file. | ||||
| CVE-2018-20459 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457. | ||||
| CVE-2018-20458 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file. | ||||
| CVE-2018-20457 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20459. | ||||
| CVE-2018-20456 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455. | ||||
| CVE-2018-20453 | 1 Libdoc Project | 1 Libdoc | 2024-11-21 | N/A |
| The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. | ||||
| CVE-2018-20451 | 1 Libdoc Project | 1 Libdoc | 2024-11-21 | 6.5 Medium |
| The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. | ||||
| CVE-2018-20430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | N/A |
| GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. | ||||
| CVE-2018-20409 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls. | ||||
| CVE-2018-20365 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. | ||||
| CVE-2018-20343 | 1 Advsys | 1 Build Engine | 2024-11-21 | 7.8 High |
| Multiple buffer overflow vulnerabilities have been found in Ken Silverman Build Engine 1. An attacker could craft a special map file to execute arbitrary code when the map file is loaded. | ||||
| CVE-2018-20337 | 2 Libraw, Redhat | 2 Libraw, Enterprise Linux | 2024-11-21 | N/A |
| There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact. | ||||
| CVE-2018-20336 | 1 Asus | 2 Asuswrt-merlin, Rt-ac68u | 2024-11-21 | 7.5 High |
| An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak. | ||||
| CVE-2018-20330 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-11-21 | N/A |
| The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench. | ||||
| CVE-2018-20316 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode. | ||||
| CVE-2018-20314 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||
| CVE-2018-20313 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||
| CVE-2018-20312 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode. | ||||
| CVE-2018-20311 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 8.1 High |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | ||||