CVE-2018-12699
- EPSS 4.51%
- Veröffentlicht 23.06.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:42
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of...
CVE-2018-3665
- EPSS 0.61%
- Veröffentlicht 21.06.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:51
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
CVE-2018-12617
- EPSS 25.35%
- Veröffentlicht 21.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:33
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. Th...
CVE-2018-12599
- EPSS 3.3%
- Veröffentlicht 20.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:30
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
CVE-2018-12600
- EPSS 3.3%
- Veröffentlicht 20.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:30
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
CVE-2018-1120
- EPSS 7.29%
- Veröffentlicht 20.06.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:13
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w...
CVE-2018-10811
- EPSS 7.12%
- Veröffentlicht 19.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:04
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
CVE-2018-12293
- EPSS 10.53%
- Veröffentlicht 19.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:44:54
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer over...
CVE-2018-1061
- EPSS 4.98%
- Veröffentlicht 19.06.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:05
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2018-1333
- EPSS 17.1%
- Veröffentlicht 18.06.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:38
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33).