Total
8530 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14532 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846. | ||||
| CVE-2018-14523 | 3 Aubio, Opensuse, Suse | 3 Aubio, Leap, Linux Enterprise | 2024-11-21 | N/A |
| An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes. | ||||
| CVE-2018-14498 | 6 Debian, Fedoraproject, Libjpeg-turbo and 3 more | 6 Debian Linux, Fedora, Libjpeg-turbo and 3 more | 2024-11-21 | N/A |
| get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries. | ||||
| CVE-2018-14469 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2024-11-21 | 7.5 High |
| The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). | ||||
| CVE-2018-14466 | 6 Apple, Debian, Fedoraproject and 3 more | 6 Mac Os X, Debian Linux, Fedora and 3 more | 2024-11-21 | 7.5 High |
| The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). | ||||
| CVE-2018-14465 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2024-11-21 | 7.5 High |
| The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | ||||
| CVE-2018-14464 | 6 Apple, Debian, Fedoraproject and 3 more | 6 Mac Os X, Debian Linux, Fedora and 3 more | 2024-11-21 | 7.5 High |
| The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). | ||||
| CVE-2018-14463 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2024-11-21 | 7.5 High |
| The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | ||||
| CVE-2018-14460 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c. | ||||
| CVE-2018-14454 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | N/A |
| An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp. | ||||
| CVE-2018-14452 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | N/A |
| An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp. | ||||
| CVE-2018-14450 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | N/A |
| An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp. | ||||
| CVE-2018-14449 | 1 Linuxsampler | 1 Libgig | 2024-11-21 | N/A |
| An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp. | ||||
| CVE-2018-14447 | 2 Debian, Libconfuse Project | 2 Debian Linux, Libconfuse | 2024-11-21 | N/A |
| trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read. | ||||
| CVE-2018-14444 | 1 Libdxfrw Project | 1 Libdxfrw | 2024-11-21 | N/A |
| libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash. | ||||
| CVE-2018-14401 | 1 Axml Parser Project | 1 Axml Parser | 2024-11-21 | N/A |
| CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read. | ||||
| CVE-2018-14370 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read. | ||||
| CVE-2018-14344 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read. | ||||
| CVE-2018-14340 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. | ||||
| CVE-2018-14316 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6351. | ||||