CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2018-07-05
Medium
CVE-2018-13305

Vendor: Ffmpeg
Software: Ffmpeg
 

 
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service.

 
Medium
CVE-2018-13300

Vendor: Ffmpeg
Software: Ffmpeg
 

 
In FFmpeg 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.

 
2018-06-08
Medium
CVE-2018-4253

Vendor: Apple
Software: Mac os x
 

 
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "AMD" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read of kernel memory) via a crafted app.

 
Medium
CVE-2018-4222

Vendor: Apple
Software: Apple tv
 

 
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation.

 
2018-06-05
Medium
CVE-2018-11740

Vendor: Sleuthkit
Software: The sleuth kit
 

 
An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

 
Medium
CVE-2018-11739

Vendor: Sleuthkit
Software: The sleuth kit
 

 
An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

 
Medium
CVE-2018-11738

Vendor: Sleuthkit
Software: The sleuth kit
 

 
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack.

 
Medium
CVE-2018-11737

Vendor: Sleuthkit
Software: The sleuth kit
 

 
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.

 
2018-06-04
Medium
CVE-2018-11693

Vendor: Sass-lang
Software: Libsaas
 

 
An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.

 
Medium
CVE-2018-11697

Vendor: Sass-lang
Software: Libsaas
 

 
An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top