CVE-2018-16428
- EPSS 4.69%
- Veröffentlicht 04.09.2018 00:29:01
- Zuletzt bearbeitet 21.11.2024 03:52:44
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
CVE-2018-16429
- EPSS 3.53%
- Veröffentlicht 04.09.2018 00:29:01
- Zuletzt bearbeitet 21.11.2024 03:52:44
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
CVE-2018-16402
- EPSS 3.69%
- Veröffentlicht 03.09.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:52:40
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
CVE-2018-16336
- EPSS 2.73%
- Veröffentlicht 02.09.2018 03:29:00
- Zuletzt bearbeitet 21.11.2024 03:52:33
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
CVE-2018-16323
- EPSS 49.32%
- Veröffentlicht 01.09.2018 18:29:01
- Zuletzt bearbeitet 21.11.2024 03:52:31
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, tha...
CVE-2018-16276
- EPSS 0.44%
- Veröffentlicht 31.08.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:52:26
An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate ...
CVE-2018-14622
- EPSS 3.86%
- Veröffentlicht 30.08.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:26
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file de...
CVE-2018-16140
- EPSS 1.38%
- Veröffentlicht 30.08.2018 01:29:00
- Zuletzt bearbeitet 21.11.2024 03:52:08
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
CVE-2018-16062
- EPSS 1.73%
- Veröffentlicht 29.08.2018 03:29:00
- Zuletzt bearbeitet 21.11.2024 03:52:01
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
CVE-2017-15422
- EPSS 2.48%
- Veröffentlicht 28.08.2018 19:29:11
- Zuletzt bearbeitet 21.11.2024 03:14:40
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory...