Export limit exceeded: 17196 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 42196 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42196 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-12151 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | N/A |
| Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access. | ||||
| CVE-2018-12150 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | N/A |
| Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access. | ||||
| CVE-2018-12149 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | N/A |
| Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. | ||||
| CVE-2018-12116 | 3 Nodejs, Redhat, Suse | 5 Node.js, Rhel Software Collections, Suse Enterprise Storage and 2 more | 2024-11-21 | 7.5 High |
| Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. | ||||
| CVE-2018-12115 | 2 Nodejs, Redhat | 5 Node.js, Openshift, Openshift Application Runtimes and 2 more | 2024-11-21 | N/A |
| In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written. | ||||
| CVE-2018-12113 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | N/A |
| Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV response. | ||||
| CVE-2018-12112 | 1 Md4c Project | 1 Md4c | 2024-11-21 | N/A |
| md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2018-12098 | 1 Liblnk Project | 1 Liblnk | 2024-11-21 | N/A |
| The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub | ||||
| CVE-2018-12097 | 1 Liblnk Project | 1 Liblnk | 2024-11-21 | N/A |
| The liblnk_location_information_read_data function in liblnk_location_information.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub | ||||
| CVE-2018-12096 | 1 Liblnk Project | 1 Liblnk | 2024-11-21 | N/A |
| The liblnk_data_string_get_utf8_string_size function in liblnk_data_string.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub | ||||
| CVE-2018-12092 | 1 Tinyexr Project | 1 Tinyexr | 2024-11-21 | N/A |
| tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | ||||
| CVE-2018-12085 | 4 Canonical, Liblouis, Opensuse and 1 more | 4 Ubuntu Linux, Liblouis, Leap and 1 more | 2024-11-21 | N/A |
| Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. | ||||
| CVE-2018-12070 | 1 Sec Project | 1 Sec | 2024-11-21 | N/A |
| The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | ||||
| CVE-2018-12068 | 1 Tgtcoins | 1 Target Coin | 2024-11-21 | N/A |
| The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | ||||
| CVE-2018-12067 | 1 Substratum | 1 Substratum | 2024-11-21 | N/A |
| The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | ||||
| CVE-2018-12064 | 1 Tinyexr Project | 1 Tinyexr | 2024-11-21 | N/A |
| tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h. | ||||
| CVE-2018-12063 | 1 Intchain | 1 Node Token | 2024-11-21 | N/A |
| The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | ||||
| CVE-2018-12062 | 1 Swft | 1 Swftcoin | 2024-11-21 | N/A |
| The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | ||||
| CVE-2018-12036 | 1 Owasp | 1 Dependency-check | 2024-11-21 | N/A |
| OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames. | ||||
| CVE-2018-12034 | 1 Virustotal | 1 Yara | 2024-11-21 | N/A |
| In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c. | ||||