CVE-2018-16790

bsoniternextinternal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer...

CVE-2018-16764

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an IR::FunctionValidationContext::catchall heap-based buffer over-read...

WAVM Buffer Over-Read Vulnerability

WAVM is the WebAssembly Virtual Machine. A heap buffer over-read vulnerability exists in IR::FunctionValidationContext::catchall in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker to cause a denial of service application crash by sending a specially crafted file...

PT-2018-13750 · Mongodb +3 · Libbson +3

Name of the Vulnerable Software and Affected Versions: libbson version 1.12.0 Description: The issue is related to a heap-based buffer over-read in the bson iter next internal function in bson-iter.c via a crafted bson buffer. Recommendations: For libbson version 1.12.0, at the moment, there is n...

UBUNTU-CVE-2018-16382

Netwide Assembler NASM 2.14rc15 has a buffer over-read in x86/regflags.c...

DEBIAN-CVE-2018-16382

Netwide Assembler NASM 2.14rc15 has a buffer over-read in x86/regflags.c...

Xpdf Denial of Service Vulnerability (CNVD-2019-17489)

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A denial of service vulnerability exists in SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00. A remote attacker can exploit this vulnerability to cause a denial of servic...

PT-2018-3205 · Imagemagick +2 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8 through 7.0.11 Description: The issue is caused by a heap-based buffer over-read in the PushShortPixel function, located in MagickCore/quantum-private.h, which can be exploited by a remote attacker to execute...

CVE-2018-15160

The libesedbcatalogdefinitionread function in libesedbcatalogdefinition.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments...

CVE-2018-15159

The libesedbpagereadtags function in libesedbpage.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments...

UBUNTU-CVE-2018-15159

DISPUTED The libesedbpagereadtags function in libesedbpage.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments...

PT-2018-12914 · Libesedb · Libesedb

Name of the Vulnerable Software and Affected Versions: libesedb versions prior to 2018-04-01 Description: The issue allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. This is due to a problem in the libesedb page read tags function in libesedb page.c. The...

UBUNTU-CVE-2018-16336

Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted image file, a different vulnerability than CVE-2018-10999...

ALPINE-CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

openSUSE Security Update : aubio (openSUSE-2018-868)

This update for aubio fixes the following issues : - CVE-2018-14522: Fixed a crash in aubiopitchsetunit bsc1102359 - CVE-2018-14523: Fixed a buffer overrread resulting in crash or information leakage in newaubiopitchyinfft bsc1102364 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

libxml2: Heap-based buffer over-read in function xmlDictAddString

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839...

libxml2: Heap-based buffer over-read in function xmlDictComputeFastKey

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398...

Security update for aubio (moderate)

This update for aubio fixes the following issues: - CVE-2018-14522: Fixed a crash in aubiopitchsetunit bsc1102359 - CVE-2018-14523: Fixed a buffer overrread resulting in crash or information leakage in newaubiopitchyinfft bsc1102364...

CVE-2018-0409

A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service CUCM IM&P and the Cisco TelePresence Video Communication Server VCS and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service DoS attacks. The vulnerability exists due to a heap-based buffer overread issue in Exiv2::Internal::PngChunk::keyTXTCheck of pngchunkint.cpp, causing DoS attacks...