Total
322230 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10779 | 3 Canonical, Libtiff, Redhat | 3 Ubuntu Linux, Libtiff, Enterprise Linux | 2024-11-21 | N/A |
| TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. | ||||
| CVE-2018-10778 | 1 Mp3gain | 1 Mp3gain | 2024-11-21 | N/A |
| Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872 and CVE-2017-14409. | ||||
| CVE-2018-10777 | 1 Mp3gain | 1 Mp3gain | 2024-11-21 | N/A |
| Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-10776 | 1 Mp3gain | 1 Mp3gain | 2024-11-21 | N/A |
| The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-10775 | 1 Bibutils Project | 1 Bibutils | 2024-11-21 | N/A |
| NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by end2xml. | ||||
| CVE-2018-10774 | 1 Bibutils Project | 1 Bibutils | 2024-11-21 | N/A |
| Read access violation in the isiin_keyword function in isiin.c in libbibutils.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by isi2xml. | ||||
| CVE-2018-10773 | 1 Bibutils Project | 1 Bibutils | 2024-11-21 | N/A |
| NULL pointer deference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by copac2xml. | ||||
| CVE-2018-10772 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2018-10771 | 3 Debian, Fedoraproject, Moinejf | 3 Debian Linux, Fedora, Abcm2ps | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-10770 | 1 Annigroup | 2 5 In 1 Xvr, 5 In 1 Xvr Firmware | 2024-11-21 | N/A |
| download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password. | ||||
| CVE-2018-10769 | 6 First Project, Gg Token Project, Mesh Project and 3 more | 6 First, Gg Token, Mesh and 3 more | 2024-11-21 | N/A |
| The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other tokens: First (FST), GG Token (GG), M2C Mesh Network (MTC), M2C Mesh Network (mesh), and UG Token (UGT). | ||||
| CVE-2018-10768 | 4 Canonical, Debian, Freedesktop and 1 more | 8 Ubuntu Linux, Debian Linux, Poppler and 5 more | 2024-11-21 | N/A |
| There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected. | ||||
| CVE-2018-10767 | 2 Gnome, Redhat | 6 Libgxps, Ansible Tower, Enterprise Linux and 3 more | 2024-11-21 | N/A |
| There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2018-10763 | 1 Synametrics | 1 Synaman | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page. | ||||
| CVE-2018-10760 | 1 Projectpier | 1 Projectpier | 2024-11-21 | N/A |
| Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the tmp directory under the document root. | ||||
| CVE-2018-10759 | 1 Projectpier | 1 Projectpier | 2024-11-21 | 9.8 Critical |
| PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and earlier allows remote attackers to execute arbitrary commands or SQL statements via the id parameter. | ||||
| CVE-2018-10758 | 1 Datenstrom | 1 Yellow | 2024-11-21 | N/A |
| The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action that can delete articles. | ||||
| CVE-2018-10757 | 1 Csp Mysql User Manager Project | 1 Csp Mysql User Manager | 2024-11-21 | N/A |
| CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a crafted username during a login attempt. | ||||
| CVE-2018-10756 | 3 Debian, Fedoraproject, Transmissionbt | 3 Debian Linux, Fedora, Transmission | 2024-11-21 | 7.8 High |
| Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file. | ||||
| CVE-2018-10753 | 3 Debian, Fedoraproject, Moinejf | 3 Debian Linux, Fedora, Abcm2ps | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||