CVE-2018-9363
- EPSS 0.46%
- Veröffentlicht 06.11.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:24
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kerne...
CVE-2018-9415
- EPSS 0.25%
- Veröffentlicht 06.11.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:26
In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploita...
CVE-2018-16847
- EPSS 0.54%
- Veröffentlicht 02.11.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:26
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially ...
CVE-2018-18897
- EPSS 1.96%
- Veröffentlicht 02.11.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 03:56:50
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
CVE-2016-6328
- EPSS 1.53%
- Veröffentlicht 31.10.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 02:55:54
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' p...
CVE-2018-16842
- EPSS 2.1%
- Veröffentlicht 31.10.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:25
Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
CVE-2018-16839
- EPSS 5.78%
- Veröffentlicht 31.10.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:25
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.
CVE-2018-16840
- EPSS 3.4%
- Veröffentlicht 31.10.2018 18:29:00
- Zuletzt bearbeitet 17.04.2025 13:05:04
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (witho...
CVE-2018-18873
- EPSS 1.37%
- Veröffentlicht 31.10.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:56:47
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
CVE-2018-18281
- EPSS 1.06%
- Veröffentlicht 30.10.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:38
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain f...