Max CVSS 9.3 Min CVSS 1.9 Total Count20
IDCVSSSummaryLast (major) updatePublished
CVE-2018-5740 5.0
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feat
16-01-2019 - 15:29 16-01-2019 - 15:29
CVE-2018-5925 9.3
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution.
13-08-2018 - 11:29 13-08-2018 - 11:29
CVE-2018-5924 7.5
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution.
13-08-2018 - 11:29 13-08-2018 - 11:29
CVE-2018-10925 5.5
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could
09-08-2018 - 17:29 09-08-2018 - 17:29
CVE-2018-10915 6.0
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru
09-08-2018 - 16:29 09-08-2018 - 16:29
CVE-2018-14681 6.8
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
28-07-2018 - 19:29 28-07-2018 - 19:29
CVE-2018-14679 4.3
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
28-07-2018 - 19:29 28-07-2018 - 19:29
CVE-2018-0498 1.9
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.
28-07-2018 - 13:29 28-07-2018 - 13:29
CVE-2018-0497 4.3
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (wit
28-07-2018 - 13:29 28-07-2018 - 13:29
CVE-2018-10900 7.2
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an
26-07-2018 - 11:29 26-07-2018 - 11:29
CVE-2018-2952 4.3
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult t
18-07-2018 - 09:29 18-07-2018 - 09:29
CVE-2018-2893 7.5
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthe
18-07-2018 - 09:29 18-07-2018 - 09:29
CVE-2018-12601 7.5
There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
20-06-2018 - 14:29 20-06-2018 - 14:29
CVE-2018-12578 7.5
There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
19-06-2018 - 11:29 19-06-2018 - 11:29
CVE-2018-3639 4.9
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
22-05-2018 - 08:29 22-05-2018 - 08:29
CVE-2018-11236 7.5
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer over
18-05-2018 - 12:29 18-05-2018 - 12:29
CVE-2017-11343 5.0
Due to an incomplete fix for CVE-2012-6125, all versions of CHICKEN Scheme up to and including 4.12.0 are vulnerable to an algorithmic complexity attack. An attacker can provide crafted input which, when inserted into the symbol table, will result in
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-9334 5.0
An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application tha
01-06-2017 - 01:29 01-06-2017 - 01:29
CVE-2017-6949 6.8
An issue was discovered in CHICKEN Scheme through 4.12.0. When using a nonstandard CHICKEN-specific extension to allocate an SRFI-4 vector in unmanaged memory, the vector size would be used in unsanitised form as an argument to malloc(). With an unex
04-04-2017 - 21:59 16-03-2017 - 13:59
CVE-2016-2317 4.3
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr
07-02-2017 - 16:39 03-02-2017 - 10:59
Back to Top Mark selected
Back to Top