Export limit exceeded: 19553 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19553 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-9496 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-110769924 | ||||
| CVE-2018-9491 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111603051 | ||||
| CVE-2018-9473 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-65484460 | ||||
| CVE-2018-9450 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-79541338. | ||||
| CVE-2018-9446 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80145946. | ||||
| CVE-2018-9427 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-77486542. | ||||
| CVE-2018-9385 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74128061 References: Upstream kernel. | ||||
| CVE-2018-9363 | 5 Canonical, Debian, Google and 2 more | 6 Ubuntu Linux, Debian Linux, Android and 3 more | 2024-11-21 | 8.4 High |
| In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel. | ||||
| CVE-2018-9357 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74947856. | ||||
| CVE-2018-9355 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74016921. | ||||
| CVE-2018-9285 | 1 Asus | 22 Rt-ac1900, Rt-ac1900 Firmware, Rt-ac2900 and 19 more | 2024-11-21 | N/A |
| Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable. | ||||
| CVE-2018-9264 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency. | ||||
| CVE-2018-9143 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | N/A |
| On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. | ||||
| CVE-2018-9086 | 1 Lenovo | 8 Thinkserver Rd340, Thinkserver Rd340 Firmware, Thinkserver Rd440 and 5 more | 2024-11-21 | N/A |
| In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users. | ||||
| CVE-2018-9077 | 1 Lenovo | 22 Iomega Ez Media \& Backup Center, Iomega Storcenter Ix2, Iomega Storcenter Ix2-dl and 19 more | 2024-11-21 | N/A |
| For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick "``" characters in the share : name parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter. | ||||
| CVE-2018-9076 | 1 Lenovo | 22 Iomega Ez Media \& Backup Center, Iomega Storcenter Ix2, Iomega Storcenter Ix2-dl and 19 more | 2024-11-21 | N/A |
| For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick "``" characters in the name parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter. | ||||
| CVE-2018-9075 | 1 Lenovo | 22 Iomega Ez Media \& Backup Center, Iomega Storcenter Ix2, Iomega Storcenter Ix2-dl and 19 more | 2024-11-21 | N/A |
| For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "``" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter. | ||||
| CVE-2018-8905 | 4 Canonical, Debian, Libtiff and 1 more | 7 Ubuntu Linux, Debian Linux, Libtiff and 4 more | 2024-11-21 | 8.8 High |
| In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. | ||||
| CVE-2018-8879 | 1 Asus | 2 Rt-ac66u, Rt-ac66u Firmware | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id. | ||||
| CVE-2018-8871 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 9.8 Critical |
| In Delta Electronics Automation TPEditor version 1.89 or prior, parsing a malformed program file may cause heap-based buffer overflow vulnerability, which may allow remote code execution. | ||||