The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-15599 | The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase. | MEDIUM | Aug 20, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-15209 | ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. | MEDIUM | Aug 8, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-14882 | The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14881 | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14880 | The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). | High | Oct 3, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14879 | The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14665 | A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. | HIGH | Oct 26, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-14662 | It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. | LOW | Jan 14, 2019 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-14661 | It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service. | MEDIUM | Nov 6, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-14660 | A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node. | MEDIUM | Nov 6, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-14659 | The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the \'GF_XATTR_IOSTATS_DUMP_KEY\' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling \'setxattr(2)\' to trigger a state dump and create an arbitrary number of files in the server\'s runtime directory. | MEDIUM | Nov 6, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-14654 | The Gluster file system through version 4.1.4 is vulnerable to abuse of the \'features/index\' translator. A remote attacker with access to mount volumes could exploit this via the \'GF_XATTROP_ENTRY_IN_KEY\' xattrop to create arbitrary, empty files on the target server. | HIGH | Nov 6, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-14653 | The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the \'__server_getspec\' function via the \'gf_getspec_req\' RPC message. A remote authenticated attacker could exploit this to cause a denial of service or other potential unspecified impact. | MEDIUM | Nov 6, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-14651 | It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths. | MEDIUM | Nov 6, 2018 | 10.18.44.4 (Wind River Linux LTS 18) |
CVE-2018-14647 | Python\'s elementtree C accelerator failed to initialise Expat\'s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat\'s internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15. | MEDIUM | Sep 30, 2018 | 10.18.44.9 (Wind River Linux LTS 18) |
CVE-2018-14629 | A denial of service vulnerability was discovered in Samba\'s LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service. | MEDIUM | Dec 16, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-14625 | A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients. | MEDIUM | Sep 10, 2018 | 10.18.44.9 (Wind River Linux LTS 18) |
CVE-2018-14618 | curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.) | HIGH | Sep 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-14574 | django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect. | MEDIUM | Aug 7, 2018 | 10.18.44.18 (Wind River Linux LTS 18) |
CVE-2018-14567 | libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. | MEDIUM | Aug 14, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-14553 | gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). | MEDIUM | Feb 12, 2020 | 10.18.44.15 (Wind River Linux LTS 18) |
CVE-2018-14550 | An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png. | MEDIUM | May 30, 2019 | 10.18.44.8 (Wind River Linux LTS 18) |
CVE-2018-14526 | An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information. | LOW | Aug 9, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-14470 | The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14469 | The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14468 | The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14467 | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14466 | The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14465 | The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14464 | The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14463 | The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14462 | The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14461 | The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | High | Oct 11, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-14348 | libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. | MEDIUM | Aug 14, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-14048 | An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. | MEDIUM | Jul 13, 2018 | 10.18.44.8 (Wind River Linux LTS 18) |
CVE-2018-13419 | ** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue. | MEDIUM | Jul 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | MEDIUM | Jul 4, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-13053 | The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | MEDIUM | Jul 6, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12911 | WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. | HIGH | Jul 19, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12910 | The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | HIGH | Jul 7, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12900 | Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file. | MEDIUM | Jun 26, 2018 | 10.18.44.6 (Wind River Linux LTS 18) |
CVE-2018-12886 | stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. | Medium | May 23, 2019 | 10.18.44.11 (Wind River Linux LTS 18) |
CVE-2018-12700 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12699 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | HIGH | Jun 23, 2018 | 10.18.44.1 (Wind River Linux LTS 18) |
CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the Create an array for saving the template argument values XNEWVEC call. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12697 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12641 | An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new. | MEDIUM | Jun 22, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12404 | A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. | MEDIUM | Dec 31, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12384 | When handling a SSLv2-compatible ClientHello request, the server doesn\'t generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3. | MEDIUM | Nov 25, 2018 | 10.18.44.3 (Wind River Linux LTS 18) |
CVE-2018-12207 | Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | MEDIUM | Nov 14, 2019 | 10.18.44.22 (Wind River Linux LTS 18) |