CVE-2018-8905
- EPSS 3.1%
- Veröffentlicht 22.03.2018 04:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:34
In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.
CVE-2017-18241
- EPSS 0.42%
- Veröffentlicht 21.03.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:39
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.
CVE-2018-8881
- EPSS 1.13%
- Veröffentlicht 20.03.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:31
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.
CVE-2018-8822
- EPSS 0.53%
- Veröffentlicht 20.03.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:23
Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio...
CVE-2018-1000135
- EPSS 2.14%
- Veröffentlicht 20.03.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:39:45
GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have bee...
CVE-2018-8804
- EPSS 3.83%
- Veröffentlicht 20.03.2018 05:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:21
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2018-1068
- EPSS 0.45%
- Veröffentlicht 16.03.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:06
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
CVE-2017-18233
- EPSS 1.53%
- Veröffentlicht 15.03.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:38
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
CVE-2017-18234
- EPSS 1.71%
- Veröffentlicht 15.03.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:38
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles...
CVE-2017-18236
- EPSS 1.7%
- Veröffentlicht 15.03.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:38
An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.