Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7700 matches found

CNVD
CNVDadded 2018/12/10 12:0 a.m.2 views

LibRaw 'samsung_load_raw()' function memory out-of-bounds read vulnerability

LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A security vulnerability exists in the 'samsungloadraw' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.9. A remote attacker can exploit this...

8.8CVSS9.1AI score0.00481EPSS
Exploits0References1
Hacker One
Hacker Oneadded 2018/12/08 3:22 p.m.9 views

Ruby: The taint flag is not propagated at JSON.parse

Vulnerability description not provided...

7.1AI score
Exploits0
OSV
OSVadded 2018/12/07 10:29 p.m.16 views

CVE-2018-5812

An error within the "nikoncoolscanloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference...

6.5CVSS6.5AI score
Exploits0References5
OSV
OSVadded 2018/12/07 10:29 p.m.2 views

DEBIAN-CVE-2018-5810

An error within the "rolleiloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...

8.8CVSS7AI score0.00502EPSS
Exploits0References1
OSV
OSVadded 2018/12/07 10:29 p.m.0 views

DEBIAN-CVE-2018-5802

An error within the "kodakradcloadraw" function internal/dcrawcommon.cpp related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash...

8.8CVSS6.8AI score0.00679EPSS
Exploits1References1
OSV
OSVadded 2018/12/07 10:29 p.m.1 views

DEBIAN-CVE-2018-5805

A boundary error within the "quicktake100loadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash...

8.8CVSS8.8AI score0.00502EPSS
Exploits0References1
OSV
OSVadded 2018/12/07 10:29 p.m.3 views

DEBIAN-CVE-2018-5807

An error within the "samsungloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash...

8.8CVSS8.6AI score0.00481EPSS
Exploits0References1
OSV
OSVadded 2018/12/07 10:29 p.m.1 views

DEBIAN-CVE-2018-5800

An off-by-one error within the "LibRaw::kodakycbcrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...

6.5CVSS6.8AI score0.01483EPSS
Exploits1References1
OSV
OSVadded 2018/12/07 10:29 p.m.1 views

DEBIAN-CVE-2017-16909

An error related to the "LibRaw::panasonicloadraw" function dcrawcommon.cpp in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image...

8.8CVSS7.3AI score0.00571EPSS
Exploits1References1
OSV
OSVadded 2018/12/07 10:29 p.m.1 views

UBUNTU-CVE-2018-5806

An error within the "leafhdrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference...

6.5CVSS6.9AI score0.00508EPSS
Exploits0References3
Cvelist
Cvelistadded 2018/12/07 10:0 p.m.20 views

CVE-2018-5812

An error within the "nikoncoolscanloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference...

6.4AI score0.00508EPSS
Exploits0References5
Hacker One
Hacker Oneadded 2018/12/07 8:40 p.m.57 views

Valve: Malformed save files (.sav) allow to write files with arbitrary extensions and content in GoldSrc-based games.

The structure of the save file implies unpacking of temporary files with extensions .HL1, .HL2 and .HL3. In the code of command 'load', there is a check for invalid substrings, such as .., so unpacking the files into the top directories will not work. Also, it seems, there is a code for checking...

0.5AI score
Exploits0
OSV
OSVadded 2018/11/30 3:29 a.m.0 views

UBUNTU-CVE-2018-19756

There is a heap-based buffer over-read at stbimage.h function: stbitgaload in libsixel 1.8.2 that will cause a denial of service...

5.5CVSS7.3AI score0.00151EPSS
Exploits1References3
Citrix
Citrixadded 2018/11/30 12:0 a.m.8 views

StoreFront Loopback Feature analysis when configuring Base URL for load balance

In previous versions of StoreFront such as 2.6 or older, Citrix recommended that you manually modify the hosts file on each StoreFront server to map the fully qualified domain name FQDN of the load balancer to the loopback address or the IP address of the specific StoreFront server. This ensures...

7.4AI score
Exploits0
Prion
Prionadded 2018/11/28 5:29 p.m.32 views

Heap overflow

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

5CVSS7.3AI score0.05572EPSS
Exploits0References6Affected Software8
NVD
NVDadded 2018/11/28 5:29 p.m.22 views

CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5CVSS7.5AI score0.05572EPSS
Exploits0References7
OSV
OSVadded 2018/11/28 5:29 p.m.3 views

ALPINE-CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5CVSS8.9AI score0.05572EPSS
Exploits0References1
OSV
OSVadded 2018/11/28 5:29 p.m.26 views

CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5CVSS6.6AI score
Exploits0References7
OSV
OSVadded 2018/11/28 5:29 p.m.1 views

DEBIAN-CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5CVSS8.4AI score0.05572EPSS
Exploits0References1
Cvelist
Cvelistadded 2018/11/28 5:0 p.m.30 views

CVE-2018-12121

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5AI score0.05572EPSS
Exploits0References6
Rows per page
Query Builder