The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-14665 | A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. | HIGH | Oct 26, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-15686 | A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239. | HIGH | Oct 26, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-15687 | A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239. | LOW | Oct 26, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-15688 | A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. | HIGH | Oct 26, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-18661 | An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c. | MEDIUM | Oct 26, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-5741 | To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM at that time incorrectly described the behavior of two rule types, krb5-subdomain and ms-subdomain. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. This affects BIND versions prior to BIND 9.11.5 and BIND 9.12.3. | MEDIUM | Oct 26, 2018 | 10.18.44.24 (Wind River Linux LTS 18) |
| CVE-2018-18605 | A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. | MEDIUM | Oct 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-18606 | An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. | MEDIUM | Oct 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-18607 | An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. | MEDIUM | Oct 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-18557 | LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write. | MEDIUM | Oct 22, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-18284 | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. | HIGH | Oct 19, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
| CVE-2018-18520 | An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file. | MEDIUM | Oct 19, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
| CVE-2018-18521 | Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled. | MEDIUM | Oct 19, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
| CVE-2018-18483 | The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. | MEDIUM | Oct 18, 2018 | 10.18.44.20 (Wind River Linux LTS 18) |
| CVE-2018-18484 | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. | MEDIUM | Oct 18, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-3133 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | Medium | Oct 18, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-3174 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H). | LOW | Oct 17, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-3282 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | Medium | Oct 17, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-10839 | Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. | MEDIUM | Oct 16, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-18384 | Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12. | MEDIUM | Oct 16, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-17961 | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. | MEDIUM | Oct 15, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
| CVE-2018-18073 | Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. | MEDIUM | Oct 15, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
| CVE-2018-18309 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking. | MEDIUM | Oct 14, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-18310 | An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes. | MEDIUM | Oct 14, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
| CVE-2018-17958 | Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | MEDIUM | Oct 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-17962 | Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | MEDIUM | Oct 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-17963 | qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | HIGH | Oct 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-18074 | The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | MEDIUM | Oct 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-17456 | Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive git clone of a superproject if a .gitmodules file has a URL field beginning with a \'-\' character. | HIGH | Oct 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-17985 | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many \'P\' characters. | MEDIUM | Oct 4, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-17795 | The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. | MEDIUM | Oct 3, 2018 | 10.18.44.2 (Wind River Linux LTS 18) |
| CVE-2018-17942 | The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing \'\\0\' character during %f processing. | MEDIUM | Oct 3, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-14647 | Python\'s elementtree C accelerator failed to initialise Expat\'s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat\'s internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15. | MEDIUM | Sep 30, 2018 | 10.18.44.9 (Wind River Linux LTS 18) |
| CVE-2018-17794 | An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. | MEDIUM | Sep 30, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-1000802 | Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command (\'Command Injection\') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace. | HIGH | Sep 28, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-17358 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | MEDIUM | Sep 23, 2018 | 10.18.44.2 (Wind River Linux LTS 18) |
| CVE-2018-17359 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | MEDIUM | Sep 23, 2018 | 10.18.44.2 (Wind River Linux LTS 18) |
| CVE-2018-17360 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump. | MEDIUM | Sep 23, 2018 | 10.18.44.2 (Wind River Linux LTS 18) |
| CVE-2018-17082 | The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a Transfer-Encoding: chunked request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. | MEDIUM | Sep 16, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-17100 | An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. | MEDIUM | Sep 16, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-17101 | An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. | MEDIUM | Sep 16, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
| CVE-2018-16999 | Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file. | MEDIUM | Sep 13, 2018 | 10.18.44.5 (Wind River Linux LTS 18) |
| CVE-2018-17000 | A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. | MEDIUM | Sep 13, 2018 | 10.18.44.15 (Wind River Linux LTS 18) |
| CVE-2018-14625 | A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients. | MEDIUM | Sep 10, 2018 | 10.18.44.9 (Wind River Linux LTS 18) |
| CVE-2018-1000667 | NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. | MEDIUM | Sep 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-14618 | curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.) | HIGH | Sep 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-10904 | It was found that glusterfs server does not properly sanitize file paths in the trusted.io-stats-dump extended attribute which is used by the debug/io-stats translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-10907 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using \'alloca(3)\'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-10911 | A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
| CVE-2018-10913 | An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
