CVE-2018-10548
- EPSS 8.68%
- Veröffentlicht 29.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:32
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishan...
CVE-2018-10549
- EPSS 7.16%
- Veröffentlicht 29.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:32
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a Make...
CVE-2018-10536
- EPSS 2.03%
- Veröffentlicht 29.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:30
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
CVE-2018-10537
- EPSS 2.09%
- Veröffentlicht 29.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:31
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
CVE-2018-10538
- EPSS 1.63%
- Veröffentlicht 29.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:31
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer...
CVE-2018-10539
- EPSS 1.67%
- Veröffentlicht 29.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:31
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of ...
CVE-2018-10540
- EPSS 1.67%
- Veröffentlicht 29.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:31
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of int...
CVE-2018-10471
- EPSS 0.43%
- Veröffentlicht 27.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:22
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.
CVE-2018-10472
- EPSS 0.37%
- Veröffentlicht 27.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:22
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...
- EPSS 3.8%
- Veröffentlicht 26.04.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:01:29
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a ho...