CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In February 2018(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000050 119 DoS Overflow Mem. Corr. 2018-02-09 2018-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.
2 CVE-2018-1000035 787 DoS Exec Code Overflow 2018-02-09 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
3 CVE-2018-1000032 787 DoS Exec Code Overflow 2018-02-09 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
4 CVE-2018-1000031 787 DoS Exec Code Overflow 2018-02-09 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
5 CVE-2018-1000030 787 Overflow Mem. Corr. 2018-02-08 2020-08-24
3.3
None Local Medium Not required Partial None Partial
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.
6 CVE-2018-7569 190 DoS Overflow 2018-02-28 2019-10-31
4.3
None Remote Medium Not required None None Partial
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
7 CVE-2018-7568 190 DoS Overflow 2018-02-28 2019-10-31
4.3
None Remote Medium Not required None None Partial
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm.
8 CVE-2018-7553 787 DoS Overflow 2018-02-28 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
9 CVE-2018-7552 119 DoS Overflow 2018-02-28 2019-03-13
7.5
None Remote Low Not required Partial Partial Partial
There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
10 CVE-2018-7487 787 DoS Overflow 2018-02-26 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4. A Crafted input will lead to a denial of service or possibly unspecified other impact.
11 CVE-2018-7485 119 DoS Overflow 2018-02-26 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.
12 CVE-2018-7471 190 Overflow 2018-02-25 2018-03-17
7.2
None Local Low Not required Complete Complete Complete
KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations.
13 CVE-2018-7470 119 DoS Overflow 2018-02-25 2018-03-17
4.3
None Remote Medium Not required None None Partial
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
14 CVE-2018-7409 119 Overflow 2018-02-22 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.
15 CVE-2018-7339 119 DoS Overflow 2018-02-23 2018-03-18
6.8
None Remote Medium Not required Partial Partial Partial
The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other impact via a crafted mp4 file.
16 CVE-2018-7284 119 Overflow 2018-02-22 2019-03-01
5.0
None Remote Low Not required None None Partial
A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash.
17 CVE-2018-7254 125 Overflow 2018-02-19 2019-12-20
6.8
None Remote Medium Not required Partial Partial Partial
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.
18 CVE-2018-7247 119 Exec Code Overflow 2018-02-19 2018-03-14
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact.
19 CVE-2018-7226 190 Overflow 2018-02-19 2019-08-09
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing sanitization of the client-specified message length may cause integer overflow or possibly have unspecified other impact via a specially crafted VNC packet.
20 CVE-2018-7225 190 Overflow 2018-02-19 2020-10-23
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.
21 CVE-2018-7186 787 DoS Overflow 2018-02-16 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions.
22 CVE-2018-7039 119 DoS Overflow 2018-02-14 2018-03-15
7.5
None Remote Low Not required Partial Partial Partial
CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect integer data type causing a negative third argument in some cases of crafted TLV data with inconsistent length information.
23 CVE-2018-6953 119 Overflow 2018-02-13 2018-03-16
7.5
None Remote Low Not required Partial Partial Partial
In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses.
24 CVE-2018-6948 119 Overflow 2018-02-13 2018-03-16
7.5
None Remote Low Not required Partial Partial Partial
In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters are written to the buffer (e.g., the "NFN" and "R2C" tags). Therefore, sending an NFN-R2C packet with a prefix of size CCNL_MAX_PREFIX_SIZE can cause an overflow of buf inside ccnl_prefix_to_str_detailed.
25 CVE-2018-6927 190 DoS Overflow 2018-02-12 2019-03-06
4.6
None Local Low Not required Partial Partial Partial
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
26 CVE-2018-6892 119 Exec Code Overflow 2018-02-11 2020-10-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
27 CVE-2018-6876 119 DoS Overflow 2018-02-09 2018-03-08
4.3
None Remote Medium Not required None None Partial
The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.
28 CVE-2018-6799 119 DoS Overflow 2018-02-07 2019-06-30
6.8
None Remote Medium Not required Partial Partial Partial
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
29 CVE-2018-6789 119 Exec Code Overflow 2018-02-08 2021-06-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
30 CVE-2018-6758 787 Overflow 2018-02-06 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
31 CVE-2018-6640 787 Exec Code Overflow 2018-02-28 2021-05-27
7.5
None Remote Low Not required Partial Partial Partial
A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can modify the next pointer of a linked list. This is fixed in 6.9d.
32 CVE-2018-6638 787 Exec Code Overflow 2018-02-28 2021-05-27
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d.
33 CVE-2018-6543 190 DoS Overflow 2018-02-02 2019-10-31
6.8
None Remote Medium Not required Partial Partial Partial
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
34 CVE-2018-6537 119 Exec Code Overflow 2018-02-02 2018-02-15
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121.
35 CVE-2018-6485 787 Overflow 2018-02-01 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
36 CVE-2018-6481 119 Exec Code Overflow 2018-02-27 2020-09-22
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow vulnerability in the control protocol of Disk Savvy Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9124.
37 CVE-2018-5796 119 Overflow 2018-02-05 2018-02-22
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Hidden Root Shell by entering the administrator password in conjunction with the 'service start-shell' CLI command.
38 CVE-2018-5793 787 Overflow 2018-02-05 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.
39 CVE-2018-5792 787 Overflow 2018-02-05 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.
40 CVE-2018-5791 787 Overflow 2018-02-05 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.
41 CVE-2018-5790 119 DoS Overflow 2018-02-05 2018-02-22
2.9
None Local Network Medium Not required None None Partial
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is Remote, Unauthenticated "Global" Denial of Service in the RIM (Radio Interface Module) over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.
42 CVE-2018-5788 119 DoS Overflow 2018-02-05 2018-02-22
5.0
None Remote Low Not required None None Partial
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Denial of Service in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets.
43 CVE-2018-5787 787 Overflow 2018-02-05 2020-08-24
5.0
None Remote Low Not required None None Partial
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets.
44 CVE-2018-5475 787 Exec Code Overflow 2018-02-19 2020-09-18
7.5
None Remote Low Not required Partial Partial Partial
A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified, which may allow remote code execution.
45 CVE-2018-5473 119 Exec Code Overflow 2018-02-19 2021-08-18
10.0
None Remote Low Not required Complete Complete Complete
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.
46 CVE-2018-5442 787 Exec Code Overflow 2018-02-05 2020-09-18
7.5
None Remote Low Not required Partial Partial Partial
A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
47 CVE-2018-5440 787 Exec Code Overflow 2018-02-15 2020-09-18
7.5
None Remote Low Not required Partial Partial Partial
A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted request may cause a buffer overflow and could therefore execute arbitrary code on the web server or lead to a denial-of-service condition due to a crash in the web server.
48 CVE-2018-5378 119 Overflow 2018-02-19 2019-10-09
4.9
None Remote Medium ??? Partial None Partial
The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash.
49 CVE-2018-4910 787 Overflow 2018-02-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file with crafted JavaScript code that manipulates the optional content group (OCG). A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack.
50 CVE-2018-4904 787 Exec Code Overflow 2018-02-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability. The vulnerability is triggered by crafted TIFF data within an XPS file, which causes an out of bounds memory access. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
Total number of vulnerabilities : 132   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.