| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-1000140 | 7.5 |
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to
|
12-06-2023 - 07:15 | 23-03-2018 - 21:29 | |
| CVE-2017-3738 | 4.3 |
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult
|
19-08-2022 - 11:49 | 07-12-2017 - 16:29 | |
| CVE-2018-0739 | 4.3 |
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used w
|
20-07-2021 - 23:15 | 27-03-2018 - 21:29 | |
| CVE-2018-1000116 | 7.5 |
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
|
24-08-2020 - 17:37 | 07-03-2018 - 14:29 | |
| CVE-2018-6544 | 4.3 |
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.
|
03-10-2019 - 00:03 | 02-02-2018 - 09:29 | |
| CVE-2018-1000051 | 6.8 |
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
|
14-03-2019 - 17:24 | 09-02-2018 - 23:29 | |
| CVE-2018-5145 | 7.5 |
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 an
|
13-03-2019 - 13:44 | 11-06-2018 - 21:29 | |
| CVE-2018-5146 | 6.8 |
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
|
11-03-2019 - 19:33 | 11-06-2018 - 21:29 | |
| CVE-2018-5127 | 6.8 |
A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
|
08-03-2019 - 14:22 | 11-06-2018 - 21:29 | |
| CVE-2018-5125 | 6.8 |
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affect
|
08-03-2019 - 14:22 | 11-06-2018 - 21:29 | |
| CVE-2018-5129 | 5.0 |
A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunde
|
08-03-2019 - 14:22 | 11-06-2018 - 21:29 | |
| CVE-2018-5144 | 7.5 |
An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
|
08-03-2019 - 14:21 | 11-06-2018 - 21:29 | |
| CVE-2018-7600 | 7.5 |
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
|
01-03-2019 - 18:04 | 29-03-2018 - 07:29 | |
| CVE-2017-15422 | 4.3 |
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory
|
07-11-2018 - 17:54 | 28-08-2018 - 19:29 | |
| CVE-2015-5621 | 7.5 |
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and po
|
10-10-2018 - 10:29 | 19-08-2015 - 15:59 | |
| CVE-2018-5148 | 7.5 |
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.
|
09-08-2018 - 14:26 | 11-06-2018 - 21:29 | |
| CVE-2018-0493 | 6.5 |
remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary command execution.
|
21-05-2018 - 13:03 | 03-04-2018 - 07:29 | |
| CVE-2003-0858 | 2.1 |
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
|
11-10-2017 - 01:29 | 15-12-2003 - 05:00 | |
| CVE-2003-0795 | 5.0 |
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command
|
18-10-2016 - 02:37 | 15-12-2003 - 05:00 |