Total
3123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1324 | 2 Apache, Oracle | 3 Commons Compress, Mysql Cluster, Weblogic Server | 2024-11-21 | 5.5 Medium |
| A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. | ||||
| CVE-2018-1126 | 5 Canonical, Debian, Procps-ng Project and 2 more | 13 Ubuntu Linux, Debian Linux, Procps-ng and 10 more | 2024-11-21 | N/A |
| procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. | ||||
| CVE-2018-1124 | 6 Canonical, Debian, Opensuse and 3 more | 13 Ubuntu Linux, Debian Linux, Leap and 10 more | 2024-11-21 | 7.8 High |
| procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. | ||||
| CVE-2018-1084 | 4 Canonical, Corosync, Debian and 1 more | 5 Ubuntu Linux, Corosync, Debian Linux and 2 more | 2024-11-21 | 7.5 High |
| corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. | ||||
| CVE-2018-19932 | 2 Gnu, Netapp | 3 Binutils, Cluster Data Ontap, Vasa Provider | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. | ||||
| CVE-2018-19665 | 2 Opensuse, Qemu | 2 Leap, Qemu | 2024-11-21 | 5.7 Medium |
| The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. | ||||
| CVE-2018-19662 | 3 Debian, Libsndfile Project, Redhat | 3 Debian Linux, Libsndfile, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. | ||||
| CVE-2018-19661 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2024-11-21 | N/A |
| An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | ||||
| CVE-2018-19199 | 3 Debian, Redhat, Uriparser Project | 3 Debian Linux, Enterprise Linux, Uriparser | 2024-11-21 | N/A |
| An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication. | ||||
| CVE-2018-19108 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. | ||||
| CVE-2018-19107 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file. | ||||
| CVE-2018-18928 | 1 Icu-project | 1 International Components For Unicode | 2024-11-21 | N/A |
| International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp. | ||||
| CVE-2018-18749 | 1 Data Tools Project | 1 Data Tools | 2024-11-21 | 5.5 Medium |
| data-tools through 2017-07-26 has an Integer Overflow leading to an incorrect end value for the write_wchars function. | ||||
| CVE-2018-18667 | 1 Pylon-network | 1 Pylontoken | 2024-11-21 | N/A |
| The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value, a related issue to CVE-2018-11812. | ||||
| CVE-2018-18666 | 1 Swft | 1 Swftcoin | 2024-11-21 | N/A |
| The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2018-18665 | 1 Nexxuscoin | 1 Nexxustoken | 2024-11-21 | N/A |
| The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | ||||
| CVE-2018-18650 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. | ||||
| CVE-2018-18498 | 4 Canonical, Debian, Mozilla and 1 more | 12 Ubuntu Linux, Debian Linux, Firefox and 9 more | 2024-11-21 | N/A |
| A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. | ||||
| CVE-2018-18483 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. | ||||
| CVE-2018-18438 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-11-21 | N/A |
| Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. | ||||