Max CVSS 10.0 Min CVSS 2.1 Total Count70
IDCVSSSummaryLast (major) updatePublished
CVE-2018-5122 7.5
A potential integer overflow in the "DoCrypt" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefox < 58.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-5102 7.5
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-4096 6.8
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 1
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2018-4088 6.8
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 1
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2017-7165 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2017-7161 6.8
An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code via special characters that trigger command injection.
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2017-7153 5.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2017-13885 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2017-13884 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2018-1000027 5.0
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the pro
09-02-2018 - 18:29 09-02-2018 - 18:29
CVE-2018-1000024 5.0
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This att
09-02-2018 - 18:29 09-02-2018 - 18:29
CVE-2018-4878 7.5
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbi
06-02-2018 - 16:29 06-02-2018 - 16:29
CVE-2018-4877 10.0
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead t
06-02-2018 - 16:29 06-02-2018 - 16:29
CVE-2018-6188 5.0
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated b
04-02-2018 - 22:29 04-02-2018 - 22:29
CVE-2017-18123 9.3
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.
03-02-2018 - 10:29 03-02-2018 - 10:29
CVE-2018-6406 6.8
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (
30-01-2018 - 16:29 30-01-2018 - 16:29
CVE-2017-17969 6.8
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive
30-01-2018 - 11:29 30-01-2018 - 11:29
CVE-2018-5750 2.1
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.
26-01-2018 - 14:29 26-01-2018 - 14:29
CVE-2018-6198 3.3
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files.
24-01-2018 - 22:29 24-01-2018 - 22:29
CVE-2018-6197 5.0
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
24-01-2018 - 22:29 24-01-2018 - 22:29
CVE-2018-6196 5.0
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.
24-01-2018 - 22:29 24-01-2018 - 22:29
CVE-2018-1000004 7.1
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
16-01-2018 - 15:29 16-01-2018 - 15:29
CVE-2018-5712 4.3
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.
16-01-2018 - 04:29 16-01-2018 - 04:29
CVE-2018-5711 4.3
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated
16-01-2018 - 04:29 16-01-2018 - 04:29
CVE-2018-5685 4.3
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask valu
13-01-2018 - 21:29 13-01-2018 - 21:29
CVE-2017-18029 4.3
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
12-01-2018 - 15:29 12-01-2018 - 15:29
CVE-2017-18027 4.3
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
12-01-2018 - 15:29 12-01-2018 - 15:29
CVE-2018-5344 4.6
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
12-01-2018 - 04:29 12-01-2018 - 04:29
CVE-2018-5246 4.3
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
05-01-2018 - 14:29 05-01-2018 - 14:29
CVE-2017-5754 4.7
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
04-01-2018 - 08:29 04-01-2018 - 08:29
CVE-2017-5753 4.7
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
04-01-2018 - 08:29 04-01-2018 - 08:29
CVE-2017-5715 4.7
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
04-01-2018 - 08:29 04-01-2018 - 08:29
CVE-2017-18008 4.3
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
01-01-2018 - 03:29 01-01-2018 - 03:29
CVE-2017-7160 6.8
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17914 7.1
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17884 4.3
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17879 6.8
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
27-12-2017 - 12:08 27-12-2017 - 12:08
CVE-2017-17681 7.1
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
14-12-2017 - 01:29 14-12-2017 - 01:29
CVE-2017-17504 4.3
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
10-12-2017 - 21:29 10-12-2017 - 21:29
CVE-2017-16942 4.3
In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.
25-11-2017 - 12:29 25-11-2017 - 12:29
CVE-2017-15218 4.3
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
10-10-2017 - 16:29 10-10-2017 - 16:29
CVE-2017-14649 4.3
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).
21-09-2017 - 13:29 21-09-2017 - 13:29
CVE-2017-14246 5.8
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
21-09-2017 - 09:29 21-09-2017 - 09:29
CVE-2017-14245 5.8
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
21-09-2017 - 09:29 21-09-2017 - 09:29
CVE-2017-14634 4.3
In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.
21-09-2017 - 03:29 21-09-2017 - 03:29
CVE-2017-14103 6.8
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related
01-09-2017 - 09:29 01-09-2017 - 09:29
CVE-2017-13147 6.8
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
23-08-2017 - 13:29 23-08-2017 - 13:29
CVE-2017-13142 4.3
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
23-08-2017 - 02:29 23-08-2017 - 02:29
CVE-2017-13141 4.3
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
23-08-2017 - 02:29 23-08-2017 - 02:29
CVE-2017-13059 4.3
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.
22-08-2017 - 02:29 22-08-2017 - 02:29
CVE-2017-12935 6.8
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
18-08-2017 - 08:29 18-08-2017 - 08:29
CVE-2017-12676 4.3
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12673 4.3
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12671 4.3
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.
07-08-2017 - 17:29 07-08-2017 - 17:29
CVE-2017-12643 7.1
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
07-08-2017 - 11:29 07-08-2017 - 11:29
CVE-2017-12641 6.8
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
07-08-2017 - 11:29 07-08-2017 - 11:29
CVE-2017-12640 6.8
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
07-08-2017 - 11:29 07-08-2017 - 11:29
CVE-2017-12565 4.3
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
05-08-2017 - 14:29 05-08-2017 - 14:29
CVE-2017-11750 4.3
The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
30-07-2017 - 13:29 30-07-2017 - 13:29
CVE-2017-11639 4.3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.
26-07-2017 - 04:29 26-07-2017 - 04:29
CVE-2017-11539 4.3
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2017-11526 7.1
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2017-11525 7.1
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
22-07-2017 - 23:29 22-07-2017 - 23:29
CVE-2017-11505 7.1
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
21-07-2017 - 12:29 21-07-2017 - 12:29
CVE-2017-10995 4.3
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
07-07-2017 - 12:29 07-07-2017 - 12:29
CVE-2017-6892 6.8
In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file.
12-06-2017 - 12:29 12-06-2017 - 12:29
CVE-2017-9262 4.3
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2017-9261 4.3
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
29-05-2017 - 00:29 29-05-2017 - 00:29
CVE-2016-0778 4.6
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows r
16-02-2017 - 21:59 14-01-2016 - 17:59
CVE-2016-0777 4.0
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading
16-02-2017 - 21:59 14-01-2016 - 17:59
Back to Top Mark selected
Back to Top