CVE-2018-10124
- EPSS 0.57%
- Veröffentlicht 16.04.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:40:52
The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.
CVE-2018-10119
- EPSS 1.98%
- Veröffentlicht 16.04.2018 09:58:10
- Zuletzt bearbeitet 21.11.2024 03:40:52
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possib...
CVE-2018-10120
- EPSS 2.13%
- Veröffentlicht 16.04.2018 09:58:10
- Zuletzt bearbeitet 21.11.2024 03:40:52
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overfl...
CVE-2018-10087
- EPSS 0.46%
- Veröffentlicht 13.04.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:40:47
The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.
CVE-2018-1084
- EPSS 3.17%
- Veröffentlicht 12.04.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:08
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
CVE-2018-1100
- EPSS 0.54%
- Veröffentlicht 11.04.2018 19:29:01
- Zuletzt bearbeitet 21.11.2024 03:59:10
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
CVE-2018-9918
- EPSS 1.72%
- Veröffentlicht 10.04.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:50
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, beca...
CVE-2018-1000156
- EPSS 5.56%
- Veröffentlicht 06.04.2018 13:29:00
- Zuletzt bearbeitet 14.04.2025 20:15:16
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via th...
CVE-2017-13305
- EPSS 0.32%
- Veröffentlicht 04.04.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 03:11:20
A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.
CVE-2018-9234
- EPSS 2.08%
- Veröffentlicht 04.04.2018 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:10
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.