Total
324387 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11383 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c. | ||||
| CVE-2018-11382 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11381 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11380 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file. | ||||
| CVE-2018-11379 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file. | ||||
| CVE-2018-11378 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file. | ||||
| CVE-2018-11377 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11376 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | ||||
| CVE-2018-11375 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11373 | 1 Iscripts | 1 Eswap | 2024-11-21 | N/A |
| iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter. | ||||
| CVE-2018-11372 | 1 Iscripts | 1 Eswap | 2024-11-21 | N/A |
| iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter. | ||||
| CVE-2018-11371 | 1 Skycaiji | 1 Skycaiji | 2024-11-21 | N/A |
| SkyCaiji 1.2 allows CSRF to add an Administrator user. | ||||
| CVE-2018-11369 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | N/A |
| An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter. | ||||
| CVE-2018-11367 | 1 Cppcms | 1 Cppcms | 2024-11-21 | N/A |
| An issue was discovered in CppCMS before 1.2.1. There is a denial of service in the JSON parser module. | ||||
| CVE-2018-11366 | 1 Loginizer | 1 Loginizer | 2024-11-21 | N/A |
| init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has Unauthenticated Stored Cross-Site Scripting (XSS) because logging is mishandled. This is fixed in 1.4.0. | ||||
| CVE-2018-11365 | 1 Wizardmac | 1 Readstat | 2024-11-21 | N/A |
| sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop. | ||||
| CVE-2018-11364 | 1 Wizardmac | 1 Readstat | 2024-11-21 | N/A |
| sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in libreadstat.a in ReadStat 0.1.1 has a memory leak related to an iconv_open call. | ||||
| CVE-2018-11363 | 1 Pdfgen | 1 Pdfgen | 2024-11-21 | N/A |
| jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read. | ||||
| CVE-2018-11362 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. | ||||
| CVE-2018-11361 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. | ||||