Lucene search
K

26 matches found

OSV
OSV
added 2024/09/23 10:15 p.m.1 views

DEBIAN-CVE-2018-20072

Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. Chromium security severity: Low...

7.8CVSS5.3AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2019/04/03 6:29 p.m.1 views

DEBIAN-CVE-2018-4443

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9...

8.8CVSS8.5AI score0.05853EPSS
Exploits3References1
OSV
OSV
added 2019/01/02 6:29 p.m.1 views

DEBIAN-CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization...

9.8CVSS8AI score0.09682EPSS
Exploits0References1
OSV
OSV
added 2018/12/19 4:29 p.m.0 views

DEBIAN-CVE-2018-6307

LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution...

8.1CVSS8.2AI score0.26543EPSS
Exploits0References1
OSV
OSV
added 2018/12/11 5:29 p.m.1 views

DEBIAN-CVE-2018-20060

urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext...

9.8CVSS6.8AI score0.04488EPSS
Exploits0References1
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

DEBIAN-CVE-2018-18348

Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

4.3CVSS8.5AI score0.01114EPSS
Exploits0References1
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

DEBIAN-CVE-2018-18335

Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.2AI score0.03724EPSS
Exploits0References1
OSV
OSV
added 2018/11/29 8:29 a.m.2 views

DEBIAN-CVE-2018-19662

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alawarray in alaw.c that will lead to a denial of service...

8.1CVSS7.1AI score0.02312EPSS
Exploits1References1
OSV
OSV
added 2018/10/29 12:29 p.m.4 views

DEBIAN-CVE-2018-18778

ACME minihttpd before 1.30 lets remote users read arbitrary files...

6.5CVSS7.2AI score0.74036EPSS
Exploits0References1
OSV
OSV
added 2018/10/10 9:29 p.m.1 views

DEBIAN-CVE-2018-16758

Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets...

5.9CVSS5.9AI score0.00947EPSS
Exploits0References1
OSV
OSV
added 2018/10/01 8:29 a.m.2 views

DEBIAN-CVE-2018-17828

Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. dot dot in a zip file, because of the function unzzipcat in the bins/unzzipcat-mem.c file...

5.5CVSS7AI score0.01538EPSS
Exploits1References1
OSV
OSV
added 2018/09/28 9:29 a.m.2 views

DEBIAN-CVE-2018-17581

CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...

6.5CVSS6.6AI score0.0235EPSS
Exploits1References1
OSV
OSV
added 2018/09/17 2:29 p.m.3 views

DEBIAN-CVE-2018-11781

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax...

7.8CVSS8.2AI score0.00984EPSS
Exploits0References1
OSV
OSV
added 2018/09/10 5:29 a.m.1 views

DEBIAN-CVE-2018-16790

bsoniternextinternal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer...

8.1CVSS7.9AI score0.02137EPSS
Exploits0References1
OSV
OSV
added 2018/09/06 5:29 p.m.1 views

DEBIAN-CVE-2018-1000667

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption crashed of nasm when handling a crafted file due to function assemblefileinname, dependptr at asm/nasm.c:482. vulnerability in function assemblefileinname, dependptr at asm/nasm.c:482. that can result in...

5.5CVSS6AI score0.01226EPSS
Exploits1References1
OSV
OSV
added 2018/07/24 8:29 p.m.2 views

DEBIAN-CVE-2018-10906

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse configuration. An attack...

7.8CVSS7.9AI score0.01414EPSS
Exploits3References1
OSV
OSV
added 2018/06/24 10:29 p.m.1 views

DEBIAN-CVE-2018-12713

GIMP through 2.10.2 makes ggettmpdir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimpwriteandreadfile function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was...

9.1CVSS7.5AI score0.01947EPSS
Exploits0References1
OSV
OSV
added 2018/06/13 11:29 p.m.1 views

DEBIAN-CVE-2018-12019

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids...

7.5CVSS7.3AI score0.02143EPSS
Exploits1References1
OSV
OSV
added 2018/06/11 9:29 p.m.1 views

DEBIAN-CVE-2018-5091

A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.6 and Firefox 58...

9.8CVSS8.4AI score0.03393EPSS
Exploits0References1
OSV
OSV
added 2018/05/22 9:29 p.m.2 views

DEBIAN-CVE-2018-11359

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference...

7.5CVSS6.5AI score0.02858EPSS
Exploits0References1
Rows per page
Query Builder