Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7527 | 1 We-con | 3 Levistudio Hmi Editor, Levistudiou, Pi Studio Hmi Project Programmer | 2024-11-21 | N/A |
| A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file. | ||||
| CVE-2018-7522 | 1 Schneider-electric | 2 Triconex Tricon Mp 3008, Triconex Tricon Mp 3008 Firmware | 2024-11-21 | N/A |
| In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states. | ||||
| CVE-2018-7511 | 1 Eaton | 1 Elcsoft | 2024-11-21 | N/A |
| In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code. | ||||
| CVE-2018-7507 | 1 Deltaww | 1 Wplsoft | 2024-11-21 | N/A |
| WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash. | ||||
| CVE-2018-7494 | 1 Deltaww | 1 Wplsoft | 2024-11-21 | N/A |
| WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length stack buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash. | ||||
| CVE-2018-7485 | 2 Redhat, Unixodbc | 3 Enterprise Linux, Rhel Eus, Unixodbc | 2024-11-21 | N/A |
| The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2018-7470 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file. | ||||
| CVE-2018-7409 | 2 Redhat, Unixodbc | 3 Enterprise Linux, Rhel Eus, Unixodbc | 2024-11-21 | N/A |
| In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c. | ||||
| CVE-2018-7339 | 1 Mp4v2 Project | 1 Mp4v2 | 2024-11-21 | N/A |
| The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other impact via a crafted mp4 file. | ||||
| CVE-2018-7284 | 2 Debian, Digium | 3 Debian Linux, Asterisk, Certified Asterisk | 2024-11-21 | N/A |
| A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash. | ||||
| CVE-2018-7247 | 1 Leptonica | 1 Leptonica | 2024-11-21 | N/A |
| An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact. | ||||
| CVE-2018-7183 | 4 Canonical, Freebsd, Netapp and 1 more | 4 Ubuntu Linux, Freebsd, Element Software and 1 more | 2024-11-21 | N/A |
| Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. | ||||
| CVE-2018-7182 | 3 Canonical, Netapp, Ntp | 3 Ubuntu Linux, Element Software, Ntp | 2024-11-21 | N/A |
| The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. | ||||
| CVE-2018-7167 | 2 Nodejs, Redhat | 2 Node.js, Rhel Software Collections | 2024-11-21 | 7.5 High |
| Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron"), 8.x (LTS "Carbon"), and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable. | ||||
| CVE-2018-7116 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions. | ||||
| CVE-2018-7115 | 2 Hp, Microsoft | 2 Intelligent Management Center, Windows | 2024-11-21 | N/A |
| HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions. | ||||
| CVE-2018-7114 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions. | ||||
| CVE-2018-7039 | 1 Ccn-lite | 1 Ccn-lite | 2024-11-21 | N/A |
| CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect integer data type causing a negative third argument in some cases of crafted TLV data with inconsistent length information. | ||||
| CVE-2018-6953 | 1 Ccn-lite | 1 Ccn-lite | 2024-11-21 | N/A |
| In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses. | ||||
| CVE-2018-6948 | 1 Ccn-lite | 1 Ccn-lite | 2024-11-21 | N/A |
| In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters are written to the buffer (e.g., the "NFN" and "R2C" tags). Therefore, sending an NFN-R2C packet with a prefix of size CCNL_MAX_PREFIX_SIZE can cause an overflow of buf inside ccnl_prefix_to_str_detailed. | ||||