Show filters
963 Total Results
Displaying 211-220 of 963
Sort by:
Attacker Value
Unknown

CVE-2018-19476

Disclosure Date: November 23, 2018 (last updated November 08, 2023)
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
0
0
Attacker Value
Unknown

CVE-2018-19409

Disclosure Date: November 21, 2018 (last updated November 08, 2023)
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
0
0
Attacker Value
Unknown

CVE-2018-5407

Disclosure Date: November 15, 2018 (last updated November 08, 2023)
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17466

Disclosure Date: November 14, 2018 (last updated November 08, 2023)
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-19115

Disclosure Date: November 08, 2018 (last updated November 27, 2024)
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
0
0
Attacker Value
Unknown

CVE-2018-19107

Disclosure Date: November 08, 2018 (last updated November 27, 2024)
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-19108

Disclosure Date: November 08, 2018 (last updated November 27, 2024)
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-19058

Disclosure Date: November 07, 2018 (last updated November 27, 2024)
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-18897

Disclosure Date: November 02, 2018 (last updated November 27, 2024)
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

Out-of-Bounds write in systemd-networkd dhcpv6 option handling

Disclosure Date: October 26, 2018 (last updated November 27, 2024)
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >