Total
11158 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11314 | 1 Roku | 2 Roku, Roku Firmware | 2024-11-21 | 9.3 HIGH | 9.6 CRITICAL |
| The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker. | |||||
| CVE-2018-11302 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN. | |||||
| CVE-2018-11294 | 1 Google | 1 Android | 2024-11-21 | 5.8 MEDIUM | 8.0 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WLAN handler indication from the firmware gets the information for 4 access categories. While processing this information only the first 3 AC information is copied due to the improper conditional logic used to compare with the max number of categories. | |||||
| CVE-2018-11287 | 1 Qualcomm | 58 Mdm9206, Mdm9206 Firmware, Mdm9607 and 55 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency. | |||||
| CVE-2018-11280 | 1 Google | 1 Android | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max allowed size, memory exhaustion will occur. | |||||
| CVE-2018-11266 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper input validation can lead to an improper access to already freed up dci client entries while closing dci client. | |||||
| CVE-2018-11232 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable. | |||||
| CVE-2018-11222 | 1 Artica | 1 Pandora Fms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint. | |||||
| CVE-2018-11071 | 1 Emc | 2 Isilon Onefs, Isilonsd Edge | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted. | |||||
| CVE-2018-11046 | 1 Pivotal Software | 1 Operations Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches. An attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities may be able to impact Operations Manager | |||||
| CVE-2018-11044 | 1 Pivotal Software | 1 Pivotal Application Service | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject content into an invite to another user, exploiting the trust implied by the source of the email. | |||||
| CVE-2018-11035 | 1 2345.cc | 1 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x80002019. | |||||
| CVE-2018-11034 | 1 2345.cc | 1 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x8000200D. | |||||
| CVE-2018-10995 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields). | |||||
| CVE-2018-10977 | 1 2345.cc | 1 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4. | |||||
| CVE-2018-10976 | 1 2345.cc | 1 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222050. | |||||
| CVE-2018-10975 | 1 2345.cc | 1 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222104. | |||||
| CVE-2018-10974 | 1 2345.cc | 1 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222100. | |||||
| CVE-2018-10955 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222548. | |||||
| CVE-2018-10954 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222550. | |||||