Total
7228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20570 | 2 Debian, Jasper Project | 2 Debian Linux, Jasper | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read. | |||||
| CVE-2018-20553 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | |||||
| CVE-2018-20552 | 1 Broadcom | 1 Tcpreplay | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | |||||
| CVE-2018-20536 | 1 Liblas | 1 Liblas | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service. | |||||
| CVE-2018-20461 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file. | |||||
| CVE-2018-20459 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457. | |||||
| CVE-2018-20458 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file. | |||||
| CVE-2018-20457 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20459. | |||||
| CVE-2018-20456 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455. | |||||
| CVE-2018-20453 | 1 Libdoc Project | 1 Libdoc | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. | |||||
| CVE-2018-20451 | 1 Libdoc Project | 1 Libdoc | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. | |||||
| CVE-2018-20430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. | |||||
| CVE-2018-20409 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls. | |||||
| CVE-2018-20316 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode. | |||||
| CVE-2018-20314 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | |||||
| CVE-2018-20313 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | |||||
| CVE-2018-20312 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode. | |||||
| CVE-2018-20311 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | |||||
| CVE-2018-20310 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | |||||
| CVE-2018-20309 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read. | |||||