Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-18017 | 10.0 |
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other im
|
24-04-2024 - 13:40 | 03-01-2018 - 06:29 | |
CVE-2018-7995 | 4.7 |
Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a
|
11-04-2024 - 01:02 | 09-03-2018 - 15:29 | |
CVE-2018-8822 | 7.2 |
Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio
|
28-03-2024 - 16:08 | 20-03-2018 - 17:29 | |
CVE-2018-1068 | 7.2 |
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
|
21-06-2023 - 15:56 | 16-03-2018 - 16:29 | |
CVE-2018-8781 | 7.2 |
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissi
|
03-03-2023 - 19:22 | 23-04-2018 - 19:29 | |
CVE-2018-5332 | 7.2 |
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
|
24-02-2023 - 18:43 | 11-01-2018 - 07:29 | |
CVE-2018-7480 | 7.2 |
The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.
|
24-02-2023 - 18:33 | 25-02-2018 - 20:29 | |
CVE-2018-1065 | 4.7 |
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_
|
13-02-2023 - 04:53 | 02-03-2018 - 08:29 | |
CVE-2018-1092 | 7.1 |
The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and
|
12-02-2023 - 23:32 | 02-04-2018 - 03:29 | |
CVE-2017-18218 | 7.2 |
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_n
|
07-02-2023 - 22:01 | 05-03-2018 - 20:29 | |
CVE-2018-3838 | 4.3 |
An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An
|
04-02-2023 - 01:08 | 10-04-2018 - 21:29 | |
CVE-2017-14448 | 6.8 |
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to
|
27-01-2023 - 20:58 | 24-04-2018 - 19:29 | |
CVE-2017-16526 | 7.2 |
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device.
|
19-01-2023 - 15:46 | 04-11-2017 - 01:29 | |
CVE-2017-12122 | 6.8 |
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image
|
14-12-2022 - 15:56 | 24-04-2018 - 19:29 | |
CVE-2017-14442 | 6.8 |
An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image t
|
09-12-2022 - 02:10 | 24-04-2018 - 19:29 | |
CVE-2017-14441 | 6.8 |
An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can di
|
09-12-2022 - 02:10 | 24-04-2018 - 19:29 | |
CVE-2017-14440 | 6.8 |
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image
|
09-12-2022 - 02:07 | 24-04-2018 - 19:29 | |
CVE-2018-1108 | 4.3 |
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
|
29-11-2022 - 18:45 | 21-05-2018 - 21:29 | |
CVE-2018-3837 | 4.3 |
An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disc
|
25-10-2022 - 16:54 | 10-04-2018 - 21:29 | |
CVE-2018-3839 | 6.8 |
An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An atta
|
25-10-2022 - 16:53 | 10-04-2018 - 21:29 | |
CVE-2018-2799 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerabil
|
06-10-2022 - 18:56 | 19-04-2018 - 02:29 | |
CVE-2017-2887 | 6.8 |
An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a s
|
07-06-2022 - 17:39 | 11-10-2017 - 18:29 | |
CVE-2018-2797 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vuln
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2815 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploi
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2798 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vuln
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2790 | 2.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unau
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2814 | 5.1 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unaut
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2796 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vul
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2794 | 3.7 |
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated att
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2795 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2018-2800 | 4.0 |
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker wit
|
13-05-2022 - 14:57 | 19-04-2018 - 02:29 | |
CVE-2017-14450 | 5.8 |
A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability.
|
19-04-2022 - 19:15 | 24-04-2018 - 19:29 | |
CVE-2017-5753 | 4.7 |
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
|
23-11-2021 - 22:14 | 04-01-2018 - 13:29 | |
CVE-2018-6097 | 4.3 |
Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page.
|
08-09-2021 - 17:21 | 09-01-2019 - 19:29 | |
CVE-2018-6113 | 4.3 |
Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
|
08-09-2021 - 17:21 | 09-01-2019 - 19:29 | |
CVE-2017-5715 | 1.9 |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
|
16-08-2021 - 09:15 | 04-01-2018 - 13:29 | |
CVE-2018-7602 | 7.5 |
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability
|
20-04-2021 - 12:52 | 19-07-2018 - 17:29 | |
CVE-2018-1000178 | 7.5 |
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.
|
26-10-2020 - 22:15 | 08-05-2018 - 15:29 | |
CVE-2018-1000179 | 5.0 |
A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.
|
26-10-2020 - 22:15 | 08-05-2018 - 15:29 | |
CVE-2018-10323 | 4.9 |
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.
|
08-09-2020 - 19:15 | 24-04-2018 - 06:29 | |
CVE-2018-6103 | 4.3 |
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.
|
24-08-2020 - 17:37 | 04-12-2018 - 17:29 | |
CVE-2018-6069 | 4.3 |
Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
24-08-2020 - 17:37 | 14-11-2018 - 15:29 | |
CVE-2018-6073 | 6.8 |
A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
|
24-08-2020 - 17:37 | 14-11-2018 - 15:29 | |
CVE-2018-6094 | 6.8 |
Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
24-08-2020 - 17:37 | 04-12-2018 - 17:29 | |
CVE-2018-6065 | 6.8 |
Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
24-08-2020 - 17:37 | 14-11-2018 - 15:29 | |
CVE-2018-6071 | 6.8 |
An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
24-08-2020 - 17:37 | 14-11-2018 - 15:29 | |
CVE-2018-6072 | 6.8 |
An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
24-08-2020 - 17:37 | 14-11-2018 - 15:29 | |
CVE-2018-7566 | 4.6 |
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
|
24-08-2020 - 17:37 | 30-03-2018 - 21:29 | |
CVE-2018-1000199 | 4.9 |
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptra
|
24-08-2020 - 17:37 | 24-05-2018 - 13:29 | |
CVE-2018-1000004 | 7.1 |
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
|
15-07-2020 - 03:15 | 16-01-2018 - 20:29 | |
CVE-2017-0861 | 4.6 |
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
|
15-07-2020 - 03:15 | 16-11-2017 - 23:29 | |
CVE-2018-5333 | 4.9 |
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
|
22-01-2020 - 19:15 | 11-01-2018 - 07:29 | |
CVE-2018-6107 | 4.3 |
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
03-10-2019 - 00:03 | 04-12-2018 - 17:29 | |
CVE-2018-6080 | 4.3 |
Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes .
|
03-10-2019 - 00:03 | 14-11-2018 - 15:29 | |
CVE-2018-6112 | 4.3 |
Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
03-10-2019 - 00:03 | 09-01-2019 - 19:29 | |
CVE-2018-6083 | 6.8 |
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page.
|
03-10-2019 - 00:03 | 14-11-2018 - 15:29 | |
CVE-2018-6098 | 4.3 |
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
03-10-2019 - 00:03 | 04-12-2018 - 17:29 | |
CVE-2018-6104 | 4.3 |
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
03-10-2019 - 00:03 | 04-12-2018 - 17:29 | |
CVE-2018-8087 | 4.9 |
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
|
03-10-2019 - 00:03 | 13-03-2018 - 06:29 | |
CVE-2018-6108 | 4.3 |
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.
|
03-10-2019 - 00:03 | 04-12-2018 - 17:29 | |
CVE-2018-6067 | 6.8 |
Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
03-10-2019 - 00:03 | 14-11-2018 - 15:29 | |
CVE-2018-6105 | 4.3 |
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
03-10-2019 - 00:03 | 04-12-2018 - 17:29 | |
CVE-2018-6070 | 4.3 |
Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.
|
03-10-2019 - 00:03 | 14-11-2018 - 15:29 | |
CVE-2018-7757 | 2.1 |
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy
|
03-10-2019 - 00:03 | 08-03-2018 - 14:29 | |
CVE-2018-6057 | 6.8 |
Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page.
|
03-10-2019 - 00:03 | 14-11-2018 - 15:29 | |
CVE-2017-18232 | 2.1 |
The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
|
03-10-2019 - 00:03 | 15-03-2018 - 04:29 | |
CVE-2017-13166 | 4.6 |
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
|
03-10-2019 - 00:03 | 06-12-2017 - 14:29 | |
CVE-2017-13220 | 4.6 |
An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2018-1000164 | 5.0 |
gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP he
|
19-06-2019 - 22:15 | 18-04-2018 - 19:29 | |
CVE-2018-6064 | 6.8 |
Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
02-05-2019 - 15:50 | 14-11-2018 - 15:29 | |
CVE-2018-0490 | 5.0 |
An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service (NULL pointer dereference and
|
30-04-2019 - 14:58 | 05-03-2018 - 15:29 | |
CVE-2018-1066 | 7.1 |
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty Tar
|
23-04-2019 - 13:37 | 02-03-2018 - 08:29 | |
CVE-2018-5803 | 4.9 |
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
|
27-03-2019 - 16:17 | 12-06-2018 - 16:29 | |
CVE-2018-7492 | 4.9 |
A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.
|
26-03-2019 - 18:46 | 26-02-2018 - 20:29 | |
CVE-2018-7740 | 4.9 |
The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages syste
|
18-03-2019 - 19:31 | 07-03-2018 - 08:29 | |
CVE-2017-18241 | 4.9 |
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.
|
18-03-2019 - 15:20 | 21-03-2018 - 16:29 | |
CVE-2018-5750 | 2.1 |
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.
|
07-03-2019 - 20:46 | 26-01-2018 - 19:29 | |
CVE-2018-6927 | 4.6 |
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
|
06-03-2019 - 21:38 | 12-02-2018 - 19:29 | |
CVE-2018-6099 | 4.3 |
A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
|
01-03-2019 - 20:36 | 04-12-2018 - 17:29 | |
CVE-2018-6086 | 6.8 |
A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
|
01-03-2019 - 20:33 | 04-12-2018 - 17:29 | |
CVE-2018-6089 | 4.3 |
A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
|
01-03-2019 - 20:31 | 04-12-2018 - 17:29 | |
CVE-2018-6090 | 6.8 |
An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
|
01-03-2019 - 20:27 | 04-12-2018 - 17:29 | |
CVE-2018-6085 | 6.8 |
Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
|
01-03-2019 - 20:03 | 04-12-2018 - 17:29 | |
CVE-2018-6101 | 5.1 |
A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.
|
01-03-2019 - 19:55 | 04-12-2018 - 17:29 | |
CVE-2018-6088 | 6.8 |
An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
|
01-03-2019 - 19:54 | 04-12-2018 - 17:29 | |
CVE-2018-6095 | 4.3 |
Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.
|
01-03-2019 - 19:50 | 04-12-2018 - 17:29 | |
CVE-2018-6087 | 6.8 |
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
|
01-03-2019 - 19:45 | 04-12-2018 - 17:29 | |
CVE-2018-6092 | 6.8 |
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
|
01-03-2019 - 19:39 | 04-12-2018 - 17:29 | |
CVE-2018-6102 | 4.3 |
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
|
01-03-2019 - 19:26 | 04-12-2018 - 17:29 | |
CVE-2018-6116 | 4.3 |
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
01-03-2019 - 19:20 | 04-12-2018 - 17:29 | |
CVE-2018-6091 | 4.3 |
Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
30-01-2019 - 18:27 | 09-01-2019 - 19:29 | |
CVE-2018-6096 | 4.3 |
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
|
30-01-2019 - 18:16 | 09-01-2019 - 19:29 | |
CVE-2018-6100 | 4.3 |
Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
30-01-2019 - 18:01 | 09-01-2019 - 19:29 | |
CVE-2018-6106 | 6.8 |
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.
|
30-01-2019 - 17:12 | 09-01-2019 - 19:29 | |
CVE-2018-6109 | 4.3 |
readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit
|
30-01-2019 - 17:02 | 09-01-2019 - 19:29 | |
CVE-2018-6110 | 5.8 |
Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page.
|
30-01-2019 - 16:47 | 09-01-2019 - 19:29 | |
CVE-2018-6093 | 4.3 |
Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
29-01-2019 - 20:01 | 09-01-2019 - 19:29 | |
CVE-2018-6056 | 6.8 |
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
|
29-01-2019 - 19:41 | 09-01-2019 - 19:29 | |
CVE-2018-6111 | 6.8 |
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page.
|
16-01-2019 - 16:41 | 09-01-2019 - 19:29 | |
CVE-2018-6114 | 4.3 |
Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.
|
16-01-2019 - 15:22 | 09-01-2019 - 19:29 | |
CVE-2018-6117 | 4.3 |
Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
15-01-2019 - 20:57 | 09-01-2019 - 19:29 | |
CVE-2018-6082 | 4.3 |
Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page.
|
27-12-2018 - 18:39 | 14-11-2018 - 15:29 | |
CVE-2018-6079 | 4.3 |
Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data between tabs in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
26-12-2018 - 14:37 | 14-11-2018 - 15:29 | |
CVE-2018-6078 | 4.3 |
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
|
26-12-2018 - 14:23 | 14-11-2018 - 15:29 | |
CVE-2018-6063 | 6.8 |
Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page.
|
26-12-2018 - 14:12 | 14-11-2018 - 15:29 | |
CVE-2018-6060 | 6.8 |
Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
21-12-2018 - 20:54 | 14-11-2018 - 15:29 | |
CVE-2018-6077 | 4.3 |
Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
21-12-2018 - 20:42 | 14-11-2018 - 15:29 | |
CVE-2018-6062 | 6.8 |
Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
|
21-12-2018 - 20:35 | 14-11-2018 - 15:29 | |
CVE-2018-6061 | 5.1 |
A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
19-12-2018 - 20:26 | 14-11-2018 - 15:29 | |
CVE-2018-6066 | 4.3 |
Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
19-12-2018 - 18:21 | 14-11-2018 - 15:29 | |
CVE-2018-6068 | 4.3 |
Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
19-12-2018 - 18:14 | 14-11-2018 - 15:29 | |
CVE-2018-6074 | 6.8 |
Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page.
|
19-12-2018 - 18:02 | 14-11-2018 - 15:29 | |
CVE-2018-6075 | 4.3 |
Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction.
|
19-12-2018 - 16:21 | 14-11-2018 - 15:29 | |
CVE-2018-6076 | 4.3 |
Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page.
|
19-12-2018 - 16:20 | 14-11-2018 - 15:29 | |
CVE-2018-6081 | 4.3 |
XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page.
|
14-12-2018 - 19:52 | 14-11-2018 - 15:29 | |
CVE-2017-18216 | 2.1 |
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.
|
30-10-2018 - 10:29 | 05-03-2018 - 18:29 | |
CVE-2018-1093 | 7.1 |
The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bi
|
29-08-2018 - 10:29 | 02-04-2018 - 03:29 | |
CVE-2017-16914 | 7.1 |
The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP pa
|
24-08-2018 - 10:29 | 31-01-2018 - 22:29 | |
CVE-2017-16913 | 7.1 |
The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a spec
|
24-08-2018 - 10:29 | 31-01-2018 - 22:29 | |
CVE-2017-16912 | 7.1 |
The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.
|
24-08-2018 - 10:29 | 31-01-2018 - 22:29 | |
CVE-2017-16911 | 1.9 |
The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP.
|
24-08-2018 - 10:29 | 31-01-2018 - 22:29 | |
CVE-2017-18257 | 4.9 |
The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.
|
04-07-2018 - 01:29 | 04-04-2018 - 17:29 | |
CVE-2017-18203 | 1.9 |
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.
|
20-06-2018 - 01:29 | 27-02-2018 - 20:29 | |
CVE-2018-9846 | 6.8 |
In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to pe
|
24-05-2018 - 17:12 | 07-04-2018 - 21:29 | |
CVE-2017-18193 | 4.9 |
fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads.
|
24-05-2018 - 01:29 | 22-02-2018 - 15:29 | |
CVE-2017-17975 | 4.9 |
Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of aud
|
24-05-2018 - 01:29 | 30-12-2017 - 01:29 | |
CVE-2017-18222 | 4.6 |
In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data, which allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly
|
24-05-2018 - 01:29 | 08-03-2018 - 14:29 | |
CVE-2017-18224 | 1.9 |
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modify
|
03-05-2018 - 01:29 | 12-03-2018 - 03:29 | |
CVE-2015-9016 | 6.9 |
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android
|
03-05-2018 - 01:29 | 05-04-2018 - 18:29 | |
CVE-2004-0015 | 7.2 |
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges.
|
10-10-2017 - 01:30 | 03-02-2004 - 05:00 |