CVE-2018-6869
- EPSS 2.85%
- Veröffentlicht 09.02.2018 06:29:00
- Zuletzt bearbeitet 10.07.2025 15:44:54
In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
CVE-2018-6871
- EPSS 23.2%
- Veröffentlicht 09.02.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:20
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
CVE-2018-6789
- EPSS 82.24%
- Veröffentlicht 08.02.2018 23:29:01
- Zuletzt bearbeitet 07.11.2025 19:04:28
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
CVE-2017-5125
- EPSS 1.73%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 21.11.2024 03:27:06
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-5126
- EPSS 1.36%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 21.11.2024 03:27:06
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5127
- EPSS 1.67%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 21.11.2024 03:27:06
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5128
- EPSS 1.59%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 21.11.2024 03:27:06
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
CVE-2017-5129
- EPSS 1.46%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 21.11.2024 03:27:07
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5130
- EPSS 2.77%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 03.12.2025 22:15:48
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2017-5131
- EPSS 1.41%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 21.11.2024 03:27:07
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.