Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

87 matches found

Prion
Prionadded 2018/10/19 5:29 p.m.19 views

Design/Logic Flaw

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

4.3CVSS7.2AI score0.00889EPSS
Exploits1References7Affected Software7
NVD
NVDadded 2018/10/19 5:29 p.m.21 views

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

6.5CVSS7.4AI score0.00889EPSS
Exploits1References7
OSV
OSVadded 2018/10/19 5:29 p.m.25 views

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

6.5CVSS6.9AI score
Exploits0References7
Debian CVE
Debian CVEadded 2018/10/19 5:0 p.m.33 views

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

6.5CVSS5.7AI score0.00889EPSS
Exploits1
CVE
CVEadded 2018/10/19 5:0 p.m.252 views

CVE-2018-18520

CVE-2018-18520 – elfutils (libelf): In elfutils up to v0.174, the function elf_end mishandles recursive ar files (eu-size/handle_ar in size.c) by closing the outer ar file before finishing inner entries, enabling an invalid memory access that can crash the application (denial of service). This is...

6.5CVSS6.7AI score0.00889EPSS
Exploits1References7Affected Software1
Cvelist
Cvelistadded 2018/10/19 5:0 p.m.22 views

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

7.4AI score0.00889EPSS
Exploits1References7
UbuntuCve
UbuntuCveadded 2018/10/19 12:0 a.m.36 views

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

6.5CVSS6.6AI score0.00889EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2018/10/17 12:0 a.m.1 views

PT-2018-3629 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils versions through 0.174 Description: The issue is related to an Invalid Memory Address Dereference in the elf end function in the libelf library of the elfutils package. This occurs because the handle ar function in size.c closes the...

9.8CVSS5.7AI score0.01961EPSS
Exploits19References185
RedhatCVE
RedhatCVEadded 2018/09/04 4:48 a.m.28 views

CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS6.9AI score0.01961EPSS
Exploits1References2
CNVD
CNVDadded 2018/09/04 12:0 a.m.1 views

elfutils denial of service vulnerability (CNVD-2018-18105)

lfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A security vulnerability exists in the libelf/elfend.c file in elfutils version 0.173. A remote attacker could exploit this vulnerability to cause a denial of service double release and applicatio...

9.8CVSS5.9AI score0.01961EPSS
Exploits1References1
NVD
NVDadded 2018/09/03 7:29 p.m.23 views

CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS9.8AI score0.01961EPSS
Exploits1References6
OSV
OSVadded 2018/09/03 7:29 p.m.2 views

ALPINE-CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS7.5AI score0.01961EPSS
Exploits1References1
OSV
OSVadded 2018/09/03 7:29 p.m.30 views

CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS8AI score
Exploits0References6
OSV
OSVadded 2018/09/03 7:29 p.m.0 views

DEBIAN-CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS6.5AI score0.01961EPSS
Exploits1References1
CVE
CVEadded 2018/09/03 7:0 p.m.246 views

CVE-2018-16402

CVE-2018-16402 affects elfutils (libelf/elf_end.c) where double decompression of sections can lead to a denial of service or application crash. Affected upstream version is 0.173. Public advisories confirm a remediation path: upgrade elfutils to newer releases (e.g., 0.176) across affected platfo...

9.8CVSS9.6AI score0.01961EPSS
Exploits1References6Affected Software1
Cvelist
Cvelistadded 2018/09/03 7:0 p.m.26 views

CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8AI score0.01961EPSS
Exploits1References6
Debian CVE
Debian CVEadded 2018/09/03 7:0 p.m.31 views

CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS6.8AI score0.01961EPSS
Exploits1
AlpineLinux
AlpineLinuxadded 2018/09/03 7:0 p.m.1 views

CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS6.7AI score0.01961EPSS
Exploits1
UbuntuCve
UbuntuCveadded 2018/09/03 12:0 a.m.36 views

CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

9.8CVSS6.7AI score0.01961EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2018/08/15 12:0 a.m.3 views

PT-2018-3828 · Red Hat +4 · Elfutils +5

Name of the Vulnerable Software and Affected Versions: elfutils version 0.173 Description: The issue is related to a double free error in the libelf/elf end.c component of the elfutils utility, which is used for modifying and analyzing ELF binary files. This error can be exploited by a remote...

9.8CVSS5.8AI score0.01961EPSS
Exploits18References163
Rows per page
Query Builder