CVE-2018-10958
- EPSS 2.52%
- Veröffentlicht 10.05.2018 02:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:23
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.
CVE-2018-10963
- EPSS 3.77%
- Veröffentlicht 10.05.2018 02:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:24
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.
CVE-2018-8897
- EPSS 18.7%
- Veröffentlicht 08.05.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:33
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that ...
CVE-2017-2592
- EPSS 0.47%
- Veröffentlicht 08.05.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:23:47
python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain...
CVE-2018-10804
- EPSS 2.05%
- Veröffentlicht 08.05.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:03
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
CVE-2018-10805
- EPSS 1.84%
- Veröffentlicht 08.05.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:03
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVE-2018-10779
- EPSS 3.05%
- Veröffentlicht 07.05.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:02
TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
CVE-2018-10768
- EPSS 2.44%
- Veröffentlicht 06.05.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:00
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are no...
CVE-2018-0494
- EPSS 17.04%
- Veröffentlicht 06.05.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:21
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
CVE-2018-10675
- EPSS 0.43%
- Veröffentlicht 02.05.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:49
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.