CVE-2018-6594
- EPSS 2.11%
- Veröffentlicht 03.02.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:10:57
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only ...
CVE-2017-14177
- EPSS 0.4%
- Veröffentlicht 02.02.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:12:18
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileg...
CVE-2017-14179
- EPSS 0.36%
- Veröffentlicht 02.02.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:12:18
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root priv...
CVE-2017-14180
- EPSS 0.45%
- Veröffentlicht 02.02.2018 14:29:00
- Zuletzt bearbeitet 03.11.2025 20:15:41
Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain...
CVE-2018-6540
- EPSS 2.31%
- Veröffentlicht 02.02.2018 09:29:00
- Zuletzt bearbeitet 10.07.2025 15:44:54
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
CVE-2018-6541
- EPSS 2.31%
- Veröffentlicht 02.02.2018 09:29:00
- Zuletzt bearbeitet 10.07.2025 15:44:54
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service...
CVE-2018-6484
- EPSS 2.24%
- Veröffentlicht 01.02.2018 05:29:00
- Zuletzt bearbeitet 10.07.2025 15:44:54
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
CVE-2017-18043
- EPSS 0.44%
- Veröffentlicht 31.01.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:14
Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
CVE-2018-1000001
- EPSS 13.37%
- Veröffentlicht 31.01.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:39:23
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
CVE-2018-6405
- EPSS 1.67%
- Veröffentlicht 30.01.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:10:38
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to ...