Total: 12890 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-21010 | 2 Debian, Uclouvain | 2 Debian Linux, Openjpeg | 2024-11-21 | 8.8 High |
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. | ||||
CVE-2018-20819 | 1 Dropbox | 1 Lepton | 2024-11-21 | N/A |
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size. | ||||
CVE-2018-20763 | 3 Canonical, Debian, Gpac Project | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking. | ||||
CVE-2018-20760 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled. | ||||
CVE-2018-20750 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2024-11-21 | 9.8 Critical |
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. | ||||
CVE-2018-20749 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2024-11-21 | 9.8 Critical |
LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. | ||||
CVE-2018-20748 | 4 Canonical, Debian, Libvnc Project and 1 more | 15 Ubuntu Linux, Debian Linux, Libvncserver and 12 more | 2024-11-21 | 9.8 Critical |
LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete. | ||||
CVE-2018-20742 | 1 Ucbrise | 1 Opaque | 2024-11-21 | N/A |
An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. There is no boundary check on ocall_malloc. The return value could be a pointer to enclave memory. It could cause an arbitrary enclave memory write. | ||||
CVE-2018-20673 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-11-21 | N/A |
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm. | ||||
CVE-2018-20671 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size. | ||||
CVE-2018-20655 | 1 Whatsapp | 1 Whatsapp | 2024-11-21 | 9.8 Critical |
When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2.18.90.24. | ||||
CVE-2018-20617 | 1 Ok-file-formats Project | 1 Ok-file-formats | 2024-11-21 | N/A |
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c. | ||||
CVE-2018-20616 | 1 Ok-file-formats Project | 1 Ok-file-formats | 2024-11-21 | N/A |
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c. | ||||
CVE-2018-20593 | 2 Fedoraproject, Msweet | 2 Fedora, Mini-xml | 2024-11-21 | N/A |
In Mini-XML (aka mxml) v2.12, there is a stack-based buffer overflow in the scan_file function in mxmldoc.c. | ||||
CVE-2018-20579 | 1 Contiki-ng Project | 1 Contiki-ng | 2024-11-21 | N/A |
Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character. | ||||
CVE-2018-20541 | 1 Libxsmm Project | 1 Libxsmm | 2024-11-21 | N/A |
There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at generator_spgemm_csc_reader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the source code and is seen at different addresses). | ||||
CVE-2018-20460 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file. | ||||
CVE-2018-20455 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456. | ||||
CVE-2018-20410 | 1 Wellintech | 1 Kingscada | 2024-11-21 | N/A |
WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401. | ||||
CVE-2018-20376 | 1 Tinycc | 1 Tinycc | 2024-11-21 | N/A |
An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the asm_parse_directive function in tccasm.c. |