Show filters
492 Total Results
Displaying 181-190 of 492
Sort by:
Attacker Value
Unknown

CVE-2018-10805

Disclosure Date: May 08, 2018 (last updated November 26, 2024)
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
0
0
Attacker Value
Unknown

CVE-2018-10804

Disclosure Date: May 08, 2018 (last updated November 26, 2024)
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
0
0
Attacker Value
Unknown

CVE-2018-0494

Disclosure Date: May 06, 2018 (last updated November 26, 2024)
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
0
0
Attacker Value
Unknown

CVE-2018-10546

Disclosure Date: April 29, 2018 (last updated November 26, 2024)
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
0
0
Attacker Value
Unknown

CVE-2018-10547

Disclosure Date: April 29, 2018 (last updated November 26, 2024)
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
0
0
Attacker Value
Unknown

CVE-2018-10548

Disclosure Date: April 29, 2018 (last updated November 26, 2024)
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
0
0
Attacker Value
Unknown

CVE-2018-10545

Disclosure Date: April 29, 2018 (last updated November 26, 2024)
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.
0
0
Attacker Value
Unknown

CVE-2018-10549

Disclosure Date: April 29, 2018 (last updated November 26, 2024)
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.
0
0
Attacker Value
Unknown

CVE-2018-10529

Disclosure Date: April 29, 2018 (last updated November 26, 2024)
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
0
0
Attacker Value
Unknown

CVE-2018-10528

Disclosure Date: April 29, 2018 (last updated November 26, 2024)
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
View More Topics  < Previous  Next >