Total
9113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14346 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c). | |||||
| CVE-2018-14343 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer. | |||||
| CVE-2018-14342 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths. | |||||
| CVE-2018-14341 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow. | |||||
| CVE-2018-14340 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read. | |||||
| CVE-2018-14339 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation. | |||||
| CVE-2018-14337 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length. | |||||
| CVE-2018-14056 | 2 Debian, Znc | 2 Debian Linux, Znc | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories. | |||||
| CVE-2018-14055 | 2 Debian, Znc | 2 Debian Linux, Znc | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf. | |||||
| CVE-2018-14040 | 2 Debian, Getbootstrap | 2 Debian Linux, Bootstrap | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | |||||
| CVE-2018-13988 | 4 Canonical, Debian, Freedesktop and 1 more | 8 Ubuntu Linux, Debian Linux, Poppler and 5 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. | |||||
| CVE-2018-13982 | 2 Debian, Smarty | 2 Debian Linux, Smarty | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files. | |||||
| CVE-2018-13406 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | |||||
| CVE-2018-13405 | 6 Canonical, Debian, F5 and 3 more | 27 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 24 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. | |||||
| CVE-2018-13302 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact. | |||||
| CVE-2018-13300 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure. | |||||
| CVE-2018-13139 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | |||||
| CVE-2018-13100 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error. | |||||
| CVE-2018-13099 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr. | |||||
| CVE-2018-13096 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image. | |||||