The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-8883 | Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. | MEDIUM | Mar 20, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-8905 | In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. | MEDIUM | Mar 22, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-18207 | ** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications need to be prepared to handle a wide variety of exceptions. | MEDIUM | Mar 23, 2018 | 10.18.44.14 (Wind River Linux LTS 18) |
CVE-2018-8779 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket. | MEDIUM | Apr 3, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-8780 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed. | HIGH | Apr 3, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-9251 | The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. | LOW | Apr 3, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-1000156 | GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD\'s CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | MEDIUM | Apr 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-8777 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption). | MEDIUM | Apr 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-8778 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure. | MEDIUM | Apr 10, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10016 | Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file. | MEDIUM | Apr 11, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-1088 | A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink. | MEDIUM | Apr 19, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10194 | The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | MEDIUM | Apr 20, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10254 | Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file. | MEDIUM | Apr 21, 2018 | 10.18.44.5 (Wind River Linux LTS 18) |
CVE-2018-10316 | Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. | MEDIUM | Apr 23, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-6888 | An error in the read_metadata_vorbiscomment_() function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file. | MEDIUM | Apr 25, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10392 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. | MEDIUM | Apr 26, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10393 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | MEDIUM | Apr 26, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10689 | blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file. | MEDIUM | May 3, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10963 | The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | MEDIUM | May 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2017-18269 | An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. | HIGH | May 18, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-3640 | Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. | MEDIUM | May 22, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-1000300 | curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0. | HIGH | May 25, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-1000301 | curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0. | MEDIUM | May 25, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-3639 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | MEDIUM | May 26, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-5146 | An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. | MEDIUM | May 26, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-11233 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory. | MEDIUM | May 30, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-11439 | The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | MEDIUM | May 30, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10360 | The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. | MEDIUM | Jun 11, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12015 | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | MEDIUM | Jun 12, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-11806 | m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. | HIGH | Jun 13, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-1152 | libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. | MEDIUM | Jun 18, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10841 | glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes. | MEDIUM | Jun 20, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12641 | An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new. | MEDIUM | Jun 22, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12700 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12699 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | HIGH | Jun 23, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the Create an array for saving the template argument values XNEWVEC call. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12697 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12900 | Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file. | MEDIUM | Jun 26, 2018 | 10.18.44.6 (Wind River Linux LTS 18) |
CVE-2018-10852 | The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3. | MEDIUM | Jun 26, 2018 | 10.18.44.15 (Wind River Linux LTS 18) |
CVE-2018-1000205 | U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality. | MEDIUM | Jun 26, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | MEDIUM | Jul 4, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13053 | The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | MEDIUM | Jul 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12910 | The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | HIGH | Jul 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13419 | ** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue. | MEDIUM | Jul 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10861 | A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected. | MEDIUM | Jul 10, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-1128 | It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. | MEDIUM | Jul 10, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-1129 | A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. | LOW | Jul 10, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-3693 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. | MEDIUM | Jul 10, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-0500 | Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value). | HIGH | Jul 12, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-14048 | An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. | MEDIUM | Jul 13, 2018 | 10.18.44.8 (Wind River Linux LTS 18) |