Vulnerabilities (CVE)

Filter

116379 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-6706 2018-12-12 N/A
Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.
CVE-2018-9362 1 Google 1 Android 2018-12-12 7.8
In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not...
CVE-2018-9363 3 Canonical, Debian, Google 3 Ubuntu Linux, Debian Linux, Android 2018-12-12 7.2
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android...
CVE-2018-9385 1 Google 1 Android 2018-12-12 4.6
In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...
CVE-2018-17055 2018-12-12 5.0
An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads.
CVE-2018-9415 2 Canonical, Google 2 Ubuntu Linux, Android 2018-12-12 4.6
In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...
CVE-2018-9436 1 Google 1 Android 2018-12-12 7.8
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2018-9437 1 Google 1 Android 2018-12-12 7.1
In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product:...
CVE-2018-17905 1 Omron 1 Cx-supervisor 2018-12-12 6.8
When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.
CVE-2018-17907 1 Omron 1 Cx-supervisor 2018-12-12 4.3
When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array.
CVE-2018-9444 1 Google 1 Android 2018-12-12 7.1
In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop. This could lead to remote temporary device denial of service (remote hang or reboot) with no additional execution privileges needed. User...
CVE-2018-17909 1 Omron 1 Cx-supervisor 2018-12-12 6.8
When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application.
CVE-2018-17913 1 Omron 1 Cx-supervisor 2018-12-12 6.8
A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application.
CVE-2018-9445 1 Google 1 Android 2018-12-12 7.2
In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not...
CVE-2018-16468 1 Loofah Project 1 Loofah 2018-12-12 3.5
In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
CVE-2018-9446 1 Google 1 Android 2018-12-12 10.0
In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
CVE-2018-9448 1 Google 1 Android 2018-12-12 7.8
In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2018-9450 1 Google 1 Android 2018-12-12 9.0
In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
CVE-2018-9451 1 Google 1 Android 2018-12-12 4.9
In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
CVE-2018-9454 1 Google 1 Android 2018-12-12 4.9
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...