Export limit exceeded: 42539 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42539 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11379 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file. | ||||
| CVE-2018-11378 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file. | ||||
| CVE-2018-11377 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11376 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | ||||
| CVE-2018-11375 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11363 | 1 Pdfgen | 1 Pdfgen | 2024-11-21 | N/A |
| jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read. | ||||
| CVE-2018-11362 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. | ||||
| CVE-2018-11361 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. | ||||
| CVE-2018-11360 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow. | ||||
| CVE-2018-11359 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. | ||||
| CVE-2018-11356 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record. | ||||
| CVE-2018-11355 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. | ||||
| CVE-2018-11354 | 1 Wireshark | 1 Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. | ||||
| CVE-2018-11347 | 1 Yunohost | 1 Yunohost | 2024-11-21 | N/A |
| The YunoHost 2.7.2 through 2.7.14 web application is affected by one HTTP Response Header Injection. This flaw allows an attacker to inject, into the response from the server, one or several HTTP Header. It requires an interaction with the user to send him the malicious link. It could be used to perform other attacks such as user redirection to a malicious website, HTTP response splitting, or HTTP cache poisoning. | ||||
| CVE-2018-11335 | 1 Genesis Vision | 1 Gvtoken | 2024-11-21 | N/A |
| GVToken Genesis Vision (GVT) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | ||||
| CVE-2018-11304 | 1 Google | 1 Android | 2024-11-21 | N/A |
| Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | ||||
| CVE-2018-11301 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow. | ||||
| CVE-2018-11299 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault. | ||||
| CVE-2018-11298 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing SET_PASSPOINT_LIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. This may lead to buffer overflow as strlen is used to get realm string length to construct the PASSPOINT WMA command. | ||||
| CVE-2018-11297 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is received from FW. | ||||