Total
3389 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18700 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. | ||||
| CVE-2018-18544 | 4 Graphicsmagick, Imagemagick, Opensuse and 1 more | 4 Graphicsmagick, Imagemagick, Leap and 1 more | 2024-11-21 | N/A |
| There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. | ||||
| CVE-2018-18484 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. | ||||
| CVE-2018-18483 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. | ||||
| CVE-2018-18020 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | N/A |
| In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file. | ||||
| CVE-2018-18016 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. | ||||
| CVE-2018-17985 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters. | ||||
| CVE-2018-17977 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7. | ||||
| CVE-2018-17967 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c. | ||||
| CVE-2018-17966 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c. | ||||
| CVE-2018-17965 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c. | ||||
| CVE-2018-17898 | 1 Yokogawa | 8 Fcj, Fcj Firmware, Fcn-100 and 5 more | 2024-11-21 | N/A |
| Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. This could allow an attacker to cause the controller to become unstable. | ||||
| CVE-2018-17581 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. | ||||
| CVE-2018-17437 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file. | ||||
| CVE-2018-17281 | 2 Debian, Digium | 3 Debian Linux, Asterisk, Certified Asterisk | 2024-11-21 | N/A |
| There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket. | ||||
| CVE-2018-17234 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file. | ||||
| CVE-2018-17189 | 7 Apache, Canonical, Debian and 4 more | 14 Http Server, Ubuntu Linux, Debian Linux and 11 more | 2024-11-21 | 5.3 Medium |
| In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections. | ||||
| CVE-2018-17159 | 1 Freebsd | 1 Freebsd | 2024-11-21 | N/A |
| In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation. | ||||
| CVE-2018-17145 | 7 Bcoin, Bitcoin, Bitcoinknots and 4 more | 7 Bcoin, Bitcoin Core, Bitcoin Knots and 4 more | 2024-11-21 | 7.5 High |
| Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15. | ||||
| CVE-2018-16949 | 2 Debian, Openafs | 2 Debian Linux, Openafs | 2024-11-21 | N/A |
| An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values and consume server resources waiting for those inputs, denying service to other valid connections. | ||||