The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-1000222 | Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5. | MEDIUM | Aug 20, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-1000035 | A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution. | MEDIUM | Feb 12, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-25032 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | MEDIUM | Mar 26, 2022 | 10.19.45.23 (Wind River Linux LTS 19) |
| CVE-2018-21010 | OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. | Medium | Sep 5, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-20969 | do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. | High | Aug 27, 2019 | 10.19.45.4 (Wind River Linux LTS 19) |
| CVE-2018-20699 | Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. | MEDIUM | Jan 11, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-20216 | QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). | MEDIUM | Dec 25, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-20191 | hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). | MEDIUM | Dec 21, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-20126 | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. | LOW | Dec 25, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-20125 | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. | MEDIUM | Dec 25, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-20124 | hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. | LOW | Dec 25, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-19758 | There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | MEDIUM | Nov 29, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-19755 | There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer. | MEDIUM | Nov 29, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-19662 | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. | Medium | Dec 18, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-19661 | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | Medium | Dec 18, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-19432 | An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. | MEDIUM | Nov 24, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-18440 | DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled. | HIGH | Nov 20, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-18439 | DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image. | HIGH | Nov 20, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-18384 | Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12. | MEDIUM | Oct 16, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-16875 | The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected. | HIGH | Dec 14, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-16874 | In Go before 1.10.6 and 1.11.x before 1.11.3, the go get command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both \'{\' and \'}\' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution. | MEDIUM | Dec 14, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-16873 | In Go before 1.10.6 and 1.11.x before 1.11.3, the go get command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it\'s possible to arrange things so that a Git repository is cloned to a folder named .git by using a vanity import path that ends with /.git. If the Git repository root contains a HEAD file, a config file, an objects directory, a refs directory, with some work to ensure the proper ordering of operations, go get -u can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the config file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running go get -u. | MEDIUM | Dec 18, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-16872 | A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn\'t consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS. | LOW | Dec 15, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-16838 | A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access. | MEDIUM | Mar 25, 2019 | 10.19.45.6 (Wind River Linux LTS 19) |
| CVE-2018-15879 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | -- | Nov 7, 2023 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-15878 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | -- | Nov 7, 2023 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-15686 | A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239. | HIGH | Oct 26, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-14567 | libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. | MEDIUM | Aug 14, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-14553 | gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). | MEDIUM | Feb 12, 2020 | 10.19.45.5 (Wind River Linux LTS 19) |
| CVE-2018-14348 | libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. | MEDIUM | Aug 14, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | MEDIUM | Jul 4, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-12900 | Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file. | MEDIUM | Jun 26, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-12207 | Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | MEDIUM | Nov 14, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-11439 | The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | MEDIUM | May 30, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-10689 | blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file. | MEDIUM | May 3, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-10393 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | MEDIUM | Apr 26, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-10392 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. | MEDIUM | Apr 26, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-9251 | The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. | LOW | Apr 3, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-9138 | An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type. | MEDIUM | Mar 30, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2018-5743 | By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743. | MEDIUM | Oct 9, 2019 | 10.19.45.2 (Wind River Linux LTS 19) |
| CVE-2017-17457 | The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14246. | MEDIUM | Dec 7, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-17456 | The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14245. | MEDIUM | Dec 7, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-16808 | tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. | MEDIUM | Nov 15, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-14634 | In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. | MEDIUM | Sep 21, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-12678 | In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | MEDIUM | Aug 7, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-12652 | libpng before 1.6.32 does not properly check the length of chunks against the user limit. | HIGH | Jul 10, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-9778 | GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB. | MEDIUM | Jun 26, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-8872 | The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure. | MEDIUM | May 10, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-8365 | The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. | MEDIUM | May 5, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2017-8363 | The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. | MEDIUM | May 5, 2017 | 10.19.45.1 (Wind River Linux LTS 19) |
