The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-10105 | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). | High | Oct 11, 2019 | 10.18.44.15 (Wind River Linux LTS 18) |
CVE-2018-10194 | The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | MEDIUM | Apr 20, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10195 | lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around. | LOW | Oct 26, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10254 | Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file. | MEDIUM | Apr 21, 2018 | 10.18.44.5 (Wind River Linux LTS 18) |
CVE-2018-10316 | Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. | MEDIUM | Apr 23, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10360 | The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. | MEDIUM | Jun 11, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10392 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. | MEDIUM | Apr 26, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10393 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | MEDIUM | Apr 26, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10689 | blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file. | MEDIUM | May 3, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10839 | Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. | MEDIUM | Oct 16, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-10841 | glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes. | MEDIUM | Jun 20, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10852 | The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3. | MEDIUM | Jun 26, 2018 | 10.18.44.15 (Wind River Linux LTS 18) |
CVE-2018-10861 | A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected. | MEDIUM | Jul 10, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10904 | It was found that glusterfs server does not properly sanitize file paths in the trusted.io-stats-dump extended attribute which is used by the debug/io-stats translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10907 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using \'alloca(3)\'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10911 | A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10913 | An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10914 | It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10916 | It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim\'s system. | HIGH | Aug 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10923 | It was found that the mknod call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10926 | A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10927 | A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10928 | A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10929 | A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10930 | A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. | MEDIUM | Sep 5, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-10963 | The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | MEDIUM | May 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-11233 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory. | MEDIUM | May 30, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-11439 | The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | MEDIUM | May 30, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-11782 | In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion\'s svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server. | Medium | Sep 27, 2019 | 10.18.44.12 (Wind River Linux LTS 18) |
CVE-2018-11803 | Subversion\'s mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation. | Medium | Feb 8, 2019 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-11806 | m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. | HIGH | Jun 13, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12015 | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | MEDIUM | Jun 12, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12126 | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | Medium | Jun 11, 2019 | 10.18.44.7 (Wind River Linux LTS 18) |
CVE-2018-12127 | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | Medium | Jun 11, 2019 | 10.18.44.7 (Wind River Linux LTS 18) |
CVE-2018-12130 | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | Medium | Jun 11, 2019 | 10.18.44.7 (Wind River Linux LTS 18) |
CVE-2018-12207 | Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | MEDIUM | Nov 14, 2019 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2018-12384 | When handling a SSLv2-compatible ClientHello request, the server doesn\'t generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3. | MEDIUM | Nov 25, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12404 | A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. | MEDIUM | Dec 31, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12641 | An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new. | MEDIUM | Jun 22, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12697 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the Create an array for saving the template argument values XNEWVEC call. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12699 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | HIGH | Jun 23, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12700 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12886 | stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. | Medium | May 23, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-12900 | Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file. | MEDIUM | Jun 26, 2018 | 10.18.44.6 (Wind River Linux LTS 18) |
CVE-2018-12910 | The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | HIGH | Jul 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12911 | WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. | HIGH | Jul 19, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13053 | The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | MEDIUM | Jul 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | MEDIUM | Jul 4, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13419 | ** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue. | MEDIUM | Jul 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |