- EPSS 0.68%
- Veröffentlicht 23.01.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:09
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
CVE-2018-5950
- EPSS 4.57%
- Veröffentlicht 23.01.2018 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:09:44
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
CVE-2017-15105
- EPSS 2.63%
- Veröffentlicht 23.01.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:14:05
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound int...
CVE-2016-10708
- EPSS 15.72%
- Veröffentlicht 21.01.2018 22:29:00
- Zuletzt bearbeitet 29.04.2026 16:16:21
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2018-5784
- EPSS 2.96%
- Veröffentlicht 19.01.2018 08:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:23
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared nu...
CVE-2018-5785
- EPSS 2.33%
- Veröffentlicht 19.01.2018 08:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:23
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
CVE-2018-2663
- EPSS 4.68%
- Veröffentlicht 18.01.2018 02:29:22
- Zuletzt bearbeitet 21.11.2024 04:04:11
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploit...
CVE-2018-2665
- EPSS 3.95%
- Veröffentlicht 18.01.2018 02:29:22
- Zuletzt bearbeitet 21.11.2024 04:04:11
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at...
CVE-2018-2668
- EPSS 3.95%
- Veröffentlicht 18.01.2018 02:29:22
- Zuletzt bearbeitet 21.11.2024 04:04:11
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at...
CVE-2018-2677
- EPSS 4.68%
- Veröffentlicht 18.01.2018 02:29:22
- Zuletzt bearbeitet 21.11.2024 04:04:13
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthen...