CVE-2018-10583
- EPSS 78.68%
- Veröffentlicht 01.05.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:36
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg with...
CVE-2018-10545
- EPSS 0.83%
- Veröffentlicht 29.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:32
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one u...
CVE-2018-10546
- EPSS 10.43%
- Veröffentlicht 29.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:32
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
CVE-2018-10547
- EPSS 3.63%
- Veröffentlicht 29.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:32
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE:...
CVE-2018-10548
- EPSS 8.68%
- Veröffentlicht 29.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:32
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishan...
CVE-2018-10549
- EPSS 7.16%
- Veröffentlicht 29.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:32
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a Make...
CVE-2018-10528
- EPSS 2.53%
- Veröffentlicht 29.04.2018 03:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:30
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
CVE-2018-10529
- EPSS 1.95%
- Veröffentlicht 29.04.2018 03:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:30
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
CVE-2018-1059
- EPSS 0.88%
- Veröffentlicht 24.04.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:05
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing v...
CVE-2018-10323
- EPSS 0.57%
- Veröffentlicht 24.04.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:13
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.