Export limit exceeded: 20493 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20493 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18090 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2018-18089 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Multiple out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2018-18064 | 1 Cairographics | 1 Cairo | 2024-11-21 | 6.5 Medium |
| cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function). | ||||
| CVE-2018-18060 | 1 Bitdefender | 1 Scan Engines | 2024-11-21 | N/A |
| An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | ||||
| CVE-2018-18059 | 1 Bitdefender | 1 Scan Engines | 2024-11-21 | N/A |
| An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | ||||
| CVE-2018-18025 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file. | ||||
| CVE-2018-18023 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file. | ||||
| CVE-2018-17983 | 1 Mercurial | 1 Mercurial | 2024-11-21 | N/A |
| cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry. | ||||
| CVE-2018-17974 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | N/A |
| An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. | ||||
| CVE-2018-17963 | 4 Canonical, Debian, Qemu and 1 more | 8 Ubuntu Linux, Debian Linux, Qemu and 5 more | 2024-11-21 | 9.8 Critical |
| qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2018-17962 | 6 Canonical, Debian, Oracle and 3 more | 7 Ubuntu Linux, Debian Linux, Linux and 4 more | 2024-11-21 | N/A |
| Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | ||||
| CVE-2018-17958 | 4 Canonical, Debian, Qemu and 1 more | 8 Ubuntu Linux, Debian Linux, Qemu and 5 more | 2024-11-21 | 7.5 High |
| Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | ||||
| CVE-2018-17942 | 1 Gnu | 1 Gnulib | 2024-11-21 | N/A |
| The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing. | ||||
| CVE-2018-17937 | 3 Debian, Gpsd Project, Microjson Project | 3 Debian Linux, Gpsd, Microjson | 2024-11-21 | 8.8 High |
| gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs. | ||||
| CVE-2018-17930 | 1 Teledynedalsa | 1 Sherlock | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution. | ||||
| CVE-2018-17929 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2018-17916 | 1 Aveva | 3 Edge, Indusoft Web Studio, Intouch Machine Edition 2014 | 2024-11-21 | 9.8 Critical |
| InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed. If InduSoft Web Studio remote communication security was not enabled, or a password was left blank, a remote user could send a carefully crafted packet to invoke an arbitrary process, with potential for code to be executed. The code would be executed under the privileges of the InduSoft Web Studio or InTouch Edge HMI runtime and could lead to a compromise of the InduSoft Web Studio or InTouch Edge HMI server machine. | ||||
| CVE-2018-17911 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | 7.8 High |
| LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution. | ||||
| CVE-2018-17910 | 1 Advantech | 1 Webaccess | 2024-11-21 | N/A |
| WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. | ||||
| CVE-2018-17895 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | N/A |
| LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution. | ||||