Max CVSS 10.0 Min CVSS 0.0 Total Count5446
IDCVSSSummaryLast (major) updatePublished
CVE-2019-5785 4.3
Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
27-06-2019 - 13:25 27-06-2019 - 13:15
CVE-2018-12384 4.3
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.3
29-04-2019 - 11:29 29-04-2019 - 11:29
CVE-2011-3145 7.5
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
22-04-2019 - 12:29 22-04-2019 - 12:29
CVE-2017-7777 6.8
Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.
15-04-2019 - 08:31 15-04-2019 - 08:31
CVE-2017-7776 5.8
Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.
15-04-2019 - 08:31 15-04-2019 - 08:31
CVE-2017-7774 6.4
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.
15-04-2019 - 08:31 15-04-2019 - 08:31
CVE-2017-7773 6.8
Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.
15-04-2019 - 08:31 15-04-2019 - 08:31
CVE-2017-7771 5.8
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.
15-04-2019 - 08:31 15-04-2019 - 08:31
CVE-2017-7772 6.8
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
12-04-2019 - 14:29 12-04-2019 - 14:29
CVE-2017-3139 5.0
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.
09-04-2019 - 14:29 09-04-2019 - 14:29
CVE-2019-6116 6.8
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
21-03-2019 - 13:29 21-03-2019 - 12:01
CVE-2019-6454 4.9
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl
21-03-2019 - 12:01 21-03-2019 - 12:01
CVE-2018-18498 7.5
A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-18494 4.3
A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow fo
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-18493 7.5
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-18492 7.5
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firef
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12405 7.5
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to r
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12397 3.6
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permissi
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12396 4.3
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulner
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12395 5.0
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Fir
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12393 5.0
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bou
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12392 7.5
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12390 7.5
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to r
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2018-12389 6.8
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary co
28-02-2019 - 13:29 28-02-2019 - 13:29
CVE-2019-8308 4.4
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.
12-02-2019 - 18:29 12-02-2019 - 18:29
CVE-2018-18505 7.5
An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created
05-02-2019 - 16:29 05-02-2019 - 16:29
CVE-2018-18501 7.5
Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to r
05-02-2019 - 16:29 05-02-2019 - 16:29
CVE-2018-18500 7.5
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affec
05-02-2019 - 16:29 05-02-2019 - 16:29
CVE-2019-3813 5.4
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
04-02-2019 - 13:29 04-02-2019 - 13:29
CVE-2019-3815 2.1
A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A
28-01-2019 - 10:29 28-01-2019 - 10:29
CVE-2018-5740 5.0
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feat
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2018-5733 5.0
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3145 5.0
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3144 5.0
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older ve
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3143 4.3
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. A
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3142 4.3
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server tha
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3137 5.0
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which record
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3136 4.3
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2017-3135 4.3
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2018-16865 4.6
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remo
11-01-2019 - 16:29 11-01-2019 - 16:29
CVE-2018-16864 4.6
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash s
11-01-2019 - 15:29 11-01-2019 - 15:29
CVE-2019-6133 4.4
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin
11-01-2019 - 09:29 11-01-2019 - 09:29
CVE-2018-6126 6.8
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-19134 6.8
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscri
20-12-2018 - 18:29 20-12-2018 - 18:29
CVE-2018-15127 7.5
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
19-12-2018 - 11:29 19-12-2018 - 11:29
CVE-2018-18397 2.1
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that fil
12-12-2018 - 05:29 12-12-2018 - 05:29
CVE-2018-18356 6.8
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-12-2018 - 11:29 11-12-2018 - 11:29
CVE-2018-5806 4.3
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
07-12-2018 - 17:29 07-12-2018 - 17:29
CVE-2018-5805 6.8
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
07-12-2018 - 17:29 07-12-2018 - 17:29
CVE-2018-5802 6.8
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
07-12-2018 - 17:29 07-12-2018 - 17:29
CVE-2018-5801 4.3
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
07-12-2018 - 17:29 07-12-2018 - 17:29
CVE-2018-5800 4.3
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
07-12-2018 - 17:29 07-12-2018 - 17:29
CVE-2018-18311 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
07-12-2018 - 16:29 07-12-2018 - 16:29
CVE-2018-16863 9.3
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript d
03-12-2018 - 12:29 03-12-2018 - 12:29
CVE-2018-14646 4.9
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assi
26-11-2018 - 14:29 26-11-2018 - 14:29
CVE-2018-19477 6.8
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
23-11-2018 - 00:29 23-11-2018 - 00:29
CVE-2018-19476 6.8
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
23-11-2018 - 00:29 23-11-2018 - 00:29
CVE-2018-19475 6.8
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
23-11-2018 - 00:29 23-11-2018 - 00:29
CVE-2018-19409 7.5
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
21-11-2018 - 11:29 21-11-2018 - 11:29
CVE-2018-16395 7.5
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may
16-11-2018 - 13:29 16-11-2018 - 13:29
CVE-2018-17466 6.8
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
14-11-2018 - 10:29 14-11-2018 - 10:29
CVE-2018-19115 7.5
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimi
08-11-2018 - 15:29 08-11-2018 - 15:29
CVE-2016-2125 3.3
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to othe
31-10-2018 - 16:29 31-10-2018 - 16:29
CVE-2018-15688 7.5
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
29-10-2018 - 08:29 26-10-2018 - 10:29
CVE-2018-14665 7.2
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the
29-10-2018 - 08:29 25-10-2018 - 16:29
CVE-2018-18559 6.8
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a ra
22-10-2018 - 12:29 22-10-2018 - 12:29
CVE-2018-18284 6.8
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
19-10-2018 - 18:29 19-10-2018 - 18:29
CVE-2018-5188 7.5
Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerabi
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-5156 7.5
A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12387 6.4
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as pa
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12386 5.8
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12385 4.4
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to w
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12383 2.1
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format star
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12379 4.6
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system wit
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12378 7.5
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62,
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12377 7.5
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12376 7.5
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Fire
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12374 4.3
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9.
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12373 4.3
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12372 4.3
Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12366 4.3
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox
18-10-2018 - 09:29 18-10-2018 - 09:29
CVE-2018-12365 4.3
A compromised IPC child process can escape the content sandbox