Max CVSS 10.0 Min CVSS 1.2 Total Count9077
IDCVSSSummaryLast (major) updatePublished
CVE-2018-6128 4.3
Incorrect URL parsing in WebKit in Google Chrome on iOS prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6121 6.8
Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6118 6.8
A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-17479 6.8
Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-17478 6.8
Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-16086 5.8
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-16077 4.3
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass content security policy via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-16075 2.6
Insufficient file type enforcement in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain local file data via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-16074 4.3
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass site isolation via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-16073 4.3
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass site isolation via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-16070 6.8
Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-16069 4.3
Unintended floating-point error accumulation in SwiftShader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6171 2.9
Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6168 4.3
Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6161 6.8
Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6159 4.3
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6157 6.8
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6156 6.8
Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6155 4.3
Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6154 6.8
Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6150 4.3
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6149 6.8
Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6148 4.3
Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6145 4.3
Insufficient data validation in HTML parser in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6142 4.3
Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6138 5.8
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6136 4.3
Missing type check in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6134 4.3
Information leak in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6132 4.3
Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6131 6.8
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6130 4.3
Incorrect handling of object lifetimes in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6129 4.3
Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
27-06-2019 - 13:26 27-06-2019 - 13:15
CVE-2018-6177 4.3
Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
27-06-2019 - 13:25 27-06-2019 - 13:15
CVE-2018-6176 4.6
Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension.
27-06-2019 - 13:25 27-06-2019 - 13:15
CVE-2013-7285 7.5
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported for
15-05-2019 - 13:29 15-05-2019 - 13:29
CVE-2019-7443 9.3
KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. I
07-05-2019 - 15:29 07-05-2019 - 15:29
CVE-2018-12404 4.3
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS
02-05-2019 - 13:29 02-05-2019 - 13:29
CVE-2018-5123 6.8
A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.
29-04-2019 - 12:29 29-04-2019 - 12:29
CVE-2018-12384 4.3
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.3
29-04-2019 - 11:29 29-04-2019 - 11:29
CVE-2018-5179 5.0
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.
26-04-2019 - 10:29 26-04-2019 - 10:29
CVE-2015-1326 9.3
python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.
22-04-2019 - 12:29 22-04-2019 - 12:29
CVE-2011-3145 7.5
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
22-04-2019 - 12:29 22-04-2019 - 12:29
CVE-2019-3460 3.3
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
11-04-2019 - 12:29 11-04-2019 - 12:29
CVE-2019-3459 3.3
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
11-04-2019 - 12:29 11-04-2019 - 12:29
CVE-2014-3603 4.3
The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAl
04-04-2019 - 10:29 04-04-2019 - 10:29
CVE-2018-4437 6.8
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4345 4.3
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-12551 6.8
When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means that the malformed data becomes a username and no
27-03-2019 - 14:29 27-03-2019 - 14:29
CVE-2018-12550 6.8
When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default al
27-03-2019 - 14:29 27-03-2019 - 14:29
CVE-2018-12546 4.0
In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message to a topic, then has its access to that topic revoked, the retained message will still be published to clients that subscribe to that topic in the future
27-03-2019 - 14:29 27-03-2019 - 14:29
CVE-2019-3810 5.0
A flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The /userpix/ page did not escape users' full names, which are included as text when hovering over profile images. Note this
25-03-2019 - 14:29 25-03-2019 - 14:29
CVE-2019-3809 7.5
A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility
25-03-2019 - 14:29 25-03-2019 - 14:29
CVE-2019-3808 4.0
A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The 'manage groups' capability did not have the 'XSS risk' flag assigned to it, but does have that access in certain places.
25-03-2019 - 14:29 25-03-2019 - 14:29
CVE-2018-16858 7.5
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice
25-03-2019 - 14:29 25-03-2019 - 14:29
CVE-2019-7222 2.1
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
21-03-2019 - 12:01 21-03-2019 - 12:01
CVE-2019-7221 4.6
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
21-03-2019 - 12:01 21-03-2019 - 12:01
CVE-2019-6454 4.9
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl
21-03-2019 - 12:01 21-03-2019 - 12:01
CVE-2019-5885 5.0
Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users.
21-03-2019 - 12:01 21-03-2019 - 12:01
CVE-2018-18898 5.0
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.
21-03-2019 - 12:00 21-03-2019 - 12:00
CVE-2018-18849 2.1
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
21-03-2019 - 12:00 21-03-2019 - 12:00
CVE-2018-12023 5.1
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provid
21-03-2019 - 12:00 21-03-2019 - 12:00
CVE-2018-12022 5.1
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in
21-03-2019 - 12:00 21-03-2019 - 12:00
CVE-2018-20182 7.5
rdesktop versions up to and including v1.8.3 contain a Buffer Overflow over the global variables in the function seamless_process_line() that results in memory corruption and probably even a remote code execution.
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20181 7.5
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution.
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20180 7.5
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution.
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20179 7.5
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20178 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function process_demand_active() that results in a Denial of Service (segfault).
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20177 7.5
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20176 5.0
rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault).
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20175 5.0
rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault).
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20174 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak.
15-03-2019 - 14:29 15-03-2019 - 14:29
CVE-2018-20187 4.3
A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public
08-03-2019 - 14:29 08-03-2019 - 14:29
CVE-2019-6215 6.8
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary co
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6212 6.8
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2018-20030 7.8
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
20-02-2019 - 12:29 20-02-2019 - 12:29
CVE-2019-6974 6.8
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
15-02-2019 - 11:12 15-02-2019 - 10:29
CVE-2019-5736 9.3
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types
11-02-2019 - 14:29 11-02-2019 - 14:29
CVE-2019-7665 4.3
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does n
09-02-2019 - 11:29 09-02-2019 - 11:29
CVE-2019-7664 4.3
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
09-02-2019 - 11:29 09-02-2019 - 11:29
CVE-2019-7663 4.3
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cau
09-02-2019 - 11:29 09-02-2019 - 11:29
CVE-2019-3823 5.0
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed n
09-02-2019 - 06:29 06-02-2019 - 15:29
CVE-2019-3822 7.5
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents
09-02-2019 - 06:29 06-02-2019 - 15:29
CVE-2018-16890 5.0
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subjec
09-02-2019 - 06:29 06-02-2019 - 15:29
CVE-2019-7639 4.3
An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the
08-02-2019 - 06:29 08-02-2019 - 06:29
CVE-2018-8800 7.5
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.
05-02-2019 - 15:29 05-02-2019 - 15:29
CVE-2018-8799 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).
05-02-2019 - 15:29 05-02-2019 - 15:29
CVE-2018-8798 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.
05-02-2019 - 15:29 05-02-2019 - 15:29
CVE-2018-8797 7.5
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.
05-02-2019 - 15:29 05-02-2019 - 15:29
CVE-2018-8796 5.0
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).
05-02-2019 - 15:29 05-02-2019 - 15:29
CVE-2018-8795 7.5
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.
05-02-2019 - 15:29 05-02-2019 - 15:29
CVE-2018-8794 7.5
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.
05-02-2019 - 15:29 05-02-2019 - 15:29
CVE-2018-8793 7.5
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.
05-02-2019 - 15:29 05-02-2019 - 15:29
CV