CWE:
 

Topic
Date
Author
High
Google SketchUp lib3ds 3DS Importer Memory Corruption
18.01.2010
CORE


CVEMAP Search Results

CVE
Details
Description
2018-07-27
Medium
CVE-2018-10882

Vendor: Canonical
Software: Ubuntu linux
 

 
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.

 
High
CVE-2017-2620

Vendor: Citrix
Software: Xenserver
 

 
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.

 
Medium
CVE-2017-2581

Vendor: Netpbm project
Software: Netpbm
 

 
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

 
Medium
CVE-2017-2580

Vendor: Netpbm project
Software: Netpbm
 

 
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

 
Medium
CVE-2018-14610

Vendor: Linux
Software: Linux kernel
 

 
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.

 
2018-07-26
Medium
CVE-2018-10878

Vendor: Canonical
Software: Ubuntu linux
 

 
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.

 
2018-07-25
Medium
CVE-2018-10880

Vendor: Debian
Software: Debian linux
 

 
Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.

 
2018-07-20
High
CVE-2018-12758

Vendor: Adobe
Software: Acrobat dc
 

 
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

 
High
CVE-2018-12755

Vendor: Adobe
Software: Acrobat dc
 

 
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

 
High
CVE-2018-12754

Vendor: Adobe
Software: Acrobat dc
 

 
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top