CVE-2018-17963
- EPSS 4.78%
- Veröffentlicht 09.10.2018 22:29:01
- Zuletzt bearbeitet 21.11.2024 03:55:17
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-17958
- EPSS 6.17%
- Veröffentlicht 09.10.2018 22:29:00
- Zuletzt bearbeitet 28.04.2026 16:16:03
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
CVE-2018-17962
- EPSS 4.5%
- Veröffentlicht 09.10.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:17
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
CVE-2018-18088
- EPSS 2.11%
- Veröffentlicht 09.10.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:27
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
CVE-2018-18065
- EPSS 17.19%
- Veröffentlicht 08.10.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:25
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2018-1000805
- EPSS 4.41%
- Veröffentlicht 08.10.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:40:23
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
CVE-2018-18025
- EPSS 2.54%
- Veröffentlicht 07.10.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:23
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
CVE-2018-18021
- EPSS 0.57%
- Veröffentlicht 07.10.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:23
arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of ...
CVE-2018-17456
- EPSS 97.36%
- Veröffentlicht 06.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:54:27
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has ...
CVE-2018-0503
- EPSS 1.53%
- Veröffentlicht 04.10.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:22
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.