Total
12211 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7873 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack. | |||||
| CVE-2018-7867 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack. | |||||
| CVE-2018-7814 | 1 Schneider-electric | 1 Guicon | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file | |||||
| CVE-2018-7561 | 2 Tenda, Tendacn | 2 Ac9, Ac9 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||||
| CVE-2018-7553 | 2 Debian, Sam2p Project | 2 Debian Linux, Sam2p | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact. | |||||
| CVE-2018-7550 | 4 Canonical, Debian, Qemu and 1 more | 9 Ubuntu Linux, Debian Linux, Qemu and 6 more | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. | |||||
| CVE-2018-7519 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow. | |||||
| CVE-2018-7517 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. | |||||
| CVE-2018-7514 | 1 Omron | 7 Cx-flnet, Cx-one, Cx-programmer and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a stack-based buffer overflow. | |||||
| CVE-2018-7513 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. | |||||
| CVE-2018-7509 | 1 Deltaww | 1 Wplsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could cause memory corruption or may allow remote code execution. | |||||
| CVE-2018-7499 | 1 Advantech | 4 Webaccess, Webaccess\/nms, Webaccess Dashboard and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2018-7487 | 2 Debian, Sam2p Project | 2 Debian Linux, Sam2p | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4. A Crafted input will lead to a denial of service or possibly unspecified other impact. | |||||
| CVE-2018-7359 | 1 Zte | 2 Zxhn F670, Zxhn F670 Firmware | 2024-11-21 | 7.5 HIGH | 9.0 CRITICAL |
| All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2018-7264 | 1 Activepdf | 1 Activepdf Toolkit | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images. | |||||
| CVE-2018-7240 | 1 Schneider-electric | 26 140cpu31110, 140cpu31110 Firmware, 140cpu31110c and 23 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware. | |||||
| CVE-2018-7186 | 2 Debian, Leptonica | 2 Debian Linux, Leptonica | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions. | |||||
| CVE-2018-7183 | 4 Canonical, Freebsd, Netapp and 1 more | 4 Ubuntu Linux, Freebsd, Element Software and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. | |||||
| CVE-2018-6973 | 1 Vmware | 2 Fusion, Workstation | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host. | |||||
| CVE-2018-6913 | 3 Canonical, Debian, Perl | 3 Ubuntu Linux, Debian Linux, Perl | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | |||||