Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7851 | 1 Schneider-electric | 41 140cra312xxx, 140cra312xxx Firmware, Bmeh582040 and 38 more | 2024-11-21 | 6.5 Medium |
| CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability. | ||||
| CVE-2018-7838 | 1 Schneider-electric | 36 Bmeh582040, Bmeh582040 Firmware, Bmeh582040c and 33 more | 2024-11-21 | 7.5 High |
| A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module BMENOC0301, all versions before V2.16, which could cause denial of service on the FTP service of the controller or the Ethernet BMENOC module when it receives a FTP CWD command with a data length greater than 1020 bytes. A power cycle is then needed to reactivate the FTP service. | ||||
| CVE-2018-7796 | 1 Schneider-electric | 1 Powersuite 2 | 2024-11-21 | N/A |
| A Buffer Error vulnerability exists in PowerSuite 2, all released versions (VW3A8104 & Patches), which could cause an overflow in the memcpy function, leading to corruption of data and program instability. | ||||
| CVE-2018-7780 | 1 Schneider-electric | 40 Ibp1110-1er, Ibp1110-1er Firmware, Ibp219-1er and 37 more | 2024-11-21 | N/A |
| In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exist in cgi program "set". | ||||
| CVE-2018-7762 | 1 Schneider-electric | 114 140cpu31110, 140cpu31110 Firmware, 140cpu31110c and 111 more | 2024-11-21 | N/A |
| A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow. | ||||
| CVE-2018-7759 | 1 Schneider-electric | 114 140cpu31110, 140cpu31110 Firmware, 140cpu31110c and 111 more | 2024-11-21 | N/A |
| A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied. | ||||
| CVE-2018-7752 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
| GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100. | ||||
| CVE-2018-7740 | 4 Canonical, Debian, Linux and 1 more | 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more | 2024-11-21 | N/A |
| The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call. | ||||
| CVE-2018-7726 | 3 Canonical, Redhat, Zziplib Project | 6 Ubuntu Linux, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. | ||||
| CVE-2018-7725 | 3 Canonical, Redhat, Zziplib Project | 6 Ubuntu Linux, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service. | ||||
| CVE-2018-7687 | 1 Microfocus | 1 Client | 2024-11-21 | N/A |
| The Micro Focus Client for OES before version 2 SP4 IR8a has a vulnerability that could allow a local attacker to elevate privileges via a buffer overflow in ncfsd.sys. | ||||
| CVE-2018-7648 | 1 Uclouvain | 1 Openjpeg | 2024-11-21 | 9.8 Critical |
| An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line. | ||||
| CVE-2018-7632 | 1 Adbglobal | 1 Epicentro | 2024-11-21 | N/A |
| Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading "/" in the URL. | ||||
| CVE-2018-7631 | 1 Adbglobal | 1 Epicentro | 2024-11-21 | N/A |
| Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to execute code remotely via a specially crafted GET request without a leading "/" and without authentication. | ||||
| CVE-2018-7587 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in load_bmp in CImg.h. | ||||
| CVE-2018-7584 | 4 Canonical, Debian, Php and 1 more | 5 Ubuntu Linux, Debian Linux, Php and 2 more | 2024-11-21 | N/A |
| In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. | ||||
| CVE-2018-7573 | 1 Ftpshell | 1 Ftpshell Client | 2024-11-21 | N/A |
| An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465. | ||||
| CVE-2018-7566 | 6 Canonical, Debian, Linux and 3 more | 16 Ubuntu Linux, Debian Linux, Linux Kernel and 13 more | 2024-11-21 | N/A |
| The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | ||||
| CVE-2018-7552 | 2 Debian, Sam2p Project | 2 Debian Linux, Sam2p | 2024-11-21 | N/A |
| There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact. | ||||
| CVE-2018-7546 | 1 Kingsoft | 2 Jinshan Pdf, Wps Office | 2024-11-21 | N/A |
| wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file. | ||||