CVE-2018-1000888
- EPSS 19.21%
- Veröffentlicht 28.12.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:40:35
PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is ca...
CVE-2018-19873
- EPSS 3.38%
- Veröffentlicht 26.12.2018 21:29:02
- Zuletzt bearbeitet 11.02.2025 20:11:38
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
CVE-2018-20481
- EPSS 3.42%
- Veröffentlicht 26.12.2018 04:29:00
- Zuletzt bearbeitet 21.11.2024 04:01:34
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser...
CVE-2018-20467
- EPSS 3.1%
- Veröffentlicht 26.12.2018 03:29:00
- Zuletzt bearbeitet 21.11.2024 04:01:32
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
CVE-2018-20124
- EPSS 0.49%
- Veröffentlicht 20.12.2018 23:29:02
- Zuletzt bearbeitet 21.11.2024 04:00:54
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
CVE-2018-20191
- EPSS 3.73%
- Veröffentlicht 20.12.2018 23:29:02
- Zuletzt bearbeitet 21.11.2024 04:01:03
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
CVE-2018-20216
- EPSS 3.88%
- Veröffentlicht 20.12.2018 21:29:01
- Zuletzt bearbeitet 21.11.2024 04:01:05
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
CVE-2018-20125
- EPSS 3.68%
- Veröffentlicht 20.12.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:00:54
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
CVE-2018-20126
- EPSS 0.49%
- Veröffentlicht 20.12.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:00:54
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
CVE-2018-1000876
- EPSS 0.66%
- Veröffentlicht 20.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 03:40:33
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows executi...