Total
3694 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11577 | 4 Canonical, Liblouis, Opensuse and 1 more | 4 Ubuntu Linux, Liblouis, Leap and 1 more | 2024-11-21 | N/A |
| Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. | ||||
| CVE-2018-11357 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. | ||||
| CVE-2018-11056 | 2 Dell, Oracle | 13 Bsafe, Bsafe Crypto-c, Application Testing Suite and 10 more | 2024-11-21 | 6.5 Medium |
| RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service. | ||||
| CVE-2018-10998 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call. | ||||
| CVE-2018-10958 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-11-21 | N/A |
| In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | ||||
| CVE-2018-10938 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | N/A |
| A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. | ||||
| CVE-2018-10935 | 1 Redhat | 2 389 Directory Server, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | ||||
| CVE-2018-10924 | 1 Gluster | 1 Glusterfs | 2024-11-21 | N/A |
| It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine. | ||||
| CVE-2018-10868 | 1 Redhat | 1 Certification | 2024-11-21 | 7.5 High |
| redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of an host. | ||||
| CVE-2018-10864 | 1 Redhat | 3 Certification, Certifications, Linux | 2024-11-21 | N/A |
| An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service. | ||||
| CVE-2018-10851 | 1 Powerdns | 2 Authoritative, Recursor | 2024-11-21 | N/A |
| PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. | ||||
| CVE-2018-10827 | 1 Litecart | 1 Litecart | 2024-11-21 | N/A |
| LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request. | ||||
| CVE-2018-10772 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2018-10632 | 1 Moxa | 6 Nport 5210, Nport 5210 Firmware, Nport 5230 and 3 more | 2024-11-21 | N/A |
| In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. | ||||
| CVE-2018-10608 | 1 Selinc | 1 Acselerator Architect | 2024-11-21 | N/A |
| SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100% CPU utilization. Restart of the application is required. | ||||
| CVE-2018-10607 | 1 Martem | 4 Telem-gw6, Telem-gw6 Firmware, Telem-gwm and 1 more | 2024-11-21 | N/A |
| Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel. | ||||
| CVE-2018-10585 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 18 allows remote Denial of Service (XML parsing). | ||||
| CVE-2018-10432 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP). | ||||
| CVE-2018-10193 | 1 Logmein | 1 Lastpass | 2024-11-21 | N/A |
| LogMeIn LastPass through 4.15.0 allows remote attackers to cause a denial of service (browser hang) via an HTML document because the resource consumption of onloadwff.js grows with the number of INPUT elements. | ||||
| CVE-2018-10070 | 1 Mikrotik | 2 Router, Router Firmware | 2024-11-21 | N/A |
| A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message. | ||||