CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2018(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000667 119 Overflow Mem. Corr. 2018-09-06 2020-07-13
4.3
None Remote Medium Not required None None Partial
NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..
2 CVE-2018-1000663 119 Exec Code Overflow 2018-09-06 2018-10-25
4.3
None Remote Medium Not required None None Partial
jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code.
3 CVE-2018-17795 787 DoS Overflow 2018-09-30 2020-10-16
6.8
None Remote Medium Not required Partial Partial Partial
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.
4 CVE-2018-17570 190 Overflow Mem. Corr. 2018-09-26 2018-11-26
7.5
None Remote Low Not required Partial Partial Partial
utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.
5 CVE-2018-17569 190 Overflow Mem. Corr. 2018-09-26 2018-11-26
7.5
None Remote Low Not required Partial Partial Partial
network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.
6 CVE-2018-17568 190 Overflow Mem. Corr. 2018-09-26 2018-11-20
7.5
None Remote Low Not required Partial Partial Partial
utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.
7 CVE-2018-17439 787 Overflow 2018-09-24 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
8 CVE-2018-17433 787 DoS Overflow 2018-09-24 2020-08-24
4.3
None Remote Medium Not required None None Partial
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
9 CVE-2018-17407 119 Exec Code Overflow 2018-09-23 2018-11-15
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.
10 CVE-2018-17359 119 DoS Overflow 2018-09-23 2019-10-31
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
11 CVE-2018-17358 119 DoS Overflow 2018-09-23 2019-10-31
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
12 CVE-2018-17338 787 Overflow 2018-09-23 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in pdfalto through 0.2. It is a heap-based buffer overflow in the function TextPage::dump in XmlAltoOutputDev.cc.
13 CVE-2018-17334 787 DoS Overflow 2018-09-22 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
14 CVE-2018-17333 787 DoS Overflow 2018-09-22 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
15 CVE-2018-17230 787 DoS Overflow 2018-09-19 2020-08-24
4.3
None Remote Medium Not required None None Partial
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
16 CVE-2018-17229 787 DoS Overflow 2018-09-19 2020-08-24
4.3
None Remote Medium Not required None None Partial
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
17 CVE-2018-17182 416 Overflow +Priv 2018-09-19 2019-03-05
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
18 CVE-2018-17174 787 DoS Exec Code Overflow 2018-09-21 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.
19 CVE-2018-17143 119 Overflow 2018-09-17 2020-08-24
5.0
None Remote Low Not required None None Partial
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
20 CVE-2018-17106 119 Overflow 2018-09-16 2018-11-28
6.4
None Remote Low Not required None Partial Partial
In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable of the do_mkd function in the ftpproto.c file. An attacker can overwrite ebp via a long pathname.
21 CVE-2018-17100 190 DoS Overflow 2018-09-16 2019-03-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.
22 CVE-2018-17095 787 Overflow 2018-09-16 2021-02-09
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
23 CVE-2018-17088 190 Overflow 2018-09-16 2019-12-31
6.8
None Remote Medium Not required Partial Partial Partial
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability.
24 CVE-2018-17076 119 Overflow 2018-09-16 2018-11-08
6.8
None Remote Medium Not required Partial Partial Partial
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file.
25 CVE-2018-17067 787 Overflow 2018-09-15 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.
26 CVE-2018-17065 787 Overflow 2018-09-15 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.
27 CVE-2018-17050 190 Overflow 2018-09-21 2018-11-09
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for PolyAi (AI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
28 CVE-2018-17043 787 Overflow 2018-09-14 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in doc2txt through 2014-03-19. It is a heap-based buffer overflow in the function Storage::init in Storage.cpp, called from parse_doc in parse_doc.cpp.
29 CVE-2018-17022 787 DoS Overflow 2018-09-13 2020-08-24
8.0
None Remote Low ??? Partial Partial Complete
Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy.
30 CVE-2018-16981 787 Overflow 2018-09-12 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.
31 CVE-2018-16797 787 Exec Code Overflow 2018-09-10 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 allows remote attackers to execute arbitrary code via a .wav file with large BytesPerSec and SamplesPerSec values, and a small Data_Chunk_Size value.
32 CVE-2018-16782 119 Overflow 2018-09-10 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c.
33 CVE-2018-16768 119 DoS Overflow 2018-09-10 2018-11-01
6.8
None Remote Medium Not required Partial Partial Partial
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end.
34 CVE-2018-16767 119 DoS Overflow 2018-09-10 2018-11-01
6.8
None Remote Medium Not required Partial Partial Partial
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand.
35 CVE-2018-16765 119 DoS Overflow 2018-09-10 2018-10-31
6.8
None Remote Medium Not required Partial Partial Partial
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else_.
36 CVE-2018-16745 119 Overflow 2018-09-13 2018-11-01
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.
37 CVE-2018-16743 787 Overflow 2018-09-13 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.
38 CVE-2018-16742 787 Overflow 2018-09-13 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.
39 CVE-2018-16713 119 Overflow 2018-09-26 2018-12-27
6.8
None Remote Low ??? Complete None None
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction.
40 CVE-2018-16711 119 Overflow 2018-09-26 2018-12-11
6.5
None Remote Low ??? Partial Partial Partial
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input.
41 CVE-2018-16666 787 Overflow 2018-09-07 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in Contiki-NG through 4.1. There is a stack-based buffer overflow in next_string in os/storage/antelope/aql-lexer.c while parsing AQL (parsing next string).
42 CVE-2018-16665 119 Overflow 2018-09-07 2018-10-26
3.6
None Local Low Not required None Partial Partial
An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow while parsing AQL in lvm_shift_for_operator in os/storage/antelope/lvm.c.
43 CVE-2018-16664 119 Overflow 2018-09-07 2018-10-26
4.4
None Local Medium Not required Partial Partial Partial
An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow in lvm_set_type in os/storage/antelope/lvm.c while parsing AQL (lvm_set_op, lvm_set_relation, lvm_set_operand).
44 CVE-2018-16663 787 Overflow 2018-09-07 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in Contiki-NG through 4.1. There is a stack-based buffer overflow in parse_relations in os/storage/antelope/aql-parser.c while parsing AQL (storage of relations).
45 CVE-2018-16647 119 DoS Overflow 2018-09-06 2020-07-26
4.3
None Remote Medium Not required None None Partial
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
46 CVE-2018-16644 119 DoS Overflow 2018-09-06 2020-08-24
4.3
None Remote Medium Not required None None Partial
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
47 CVE-2018-16585 119 Overflow Mem. Corr. 2018-09-06 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193).
48 CVE-2018-16510 119 Overflow 2018-09-05 2019-03-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
49 CVE-2018-16435 787 Overflow 2018-09-04 2021-05-26
4.3
None Remote Medium Not required None None Partial
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
50 CVE-2018-16422 119 DoS Overflow 2018-09-04 2019-08-06
4.6
None Local Low Not required Partial Partial Partial
A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Total number of vulnerabilities : 147   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.