Total
10626 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-4321 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-04-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12. | |||||
| CVE-2018-12222 | 1 Intel | 1 Graphics Driver | 2019-04-04 | 2.1 LOW | 3.3 LOW |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an out of bound memory read via local access. | |||||
| CVE-2018-12221 | 1 Intel | 1 Graphics Driver | 2019-04-04 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access. | |||||
| CVE-2018-12219 | 1 Intel | 1 Graphics Driver | 2019-04-04 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to read memory via local access via local access. | |||||
| CVE-2018-12216 | 1 Intel | 1 Graphics Driver | 2019-04-04 | 7.2 HIGH | 8.2 HIGH |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access via local access. | |||||
| CVE-2018-12215 | 1 Intel | 1 Graphics Driver | 2019-04-04 | 2.1 LOW | 6.0 MEDIUM |
| Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to cause a denial of service via local access. | |||||
| CVE-2018-12211 | 1 Intel | 1 Graphics Driver | 2019-04-04 | 2.1 LOW | 6.5 MEDIUM |
| Insufficient input validation in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access. | |||||
| CVE-2017-13911 | 1 Apple | 1 Mac Os X | 2019-04-04 | 9.3 HIGH | 7.8 HIGH |
| A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2. | |||||
| CVE-2018-4304 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-04 | 4.3 MEDIUM | 5.0 MEDIUM |
| A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4295 | 1 Apple | 1 Mac Os X | 2019-04-04 | 7.5 HIGH | 9.8 CRITICAL |
| An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14. | |||||
| CVE-2018-4260 | 1 Apple | 2 Iphone Os, Safari | 2019-04-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2. | |||||
| CVE-2018-4279 | 1 Apple | 1 Safari | 2019-04-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2. | |||||
| CVE-2018-4274 | 1 Apple | 2 Iphone Os, Safari | 2019-04-04 | 5.0 MEDIUM | 7.5 HIGH |
| A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2. | |||||
| CVE-2015-5606 | 1 Axway | 1 Vordel Xml Gateway | 2019-04-04 | 5.0 MEDIUM | 7.5 HIGH |
| Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service via a specially crafted request. | |||||
| CVE-2014-9645 | 1 Busybox | 1 Busybox | 2019-04-03 | 2.1 LOW | 5.5 MEDIUM |
| The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command. | |||||
| CVE-2018-11873 | 1 Qualcomm | 2 Sd845, Sd845 Firmware | 2019-04-03 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845. | |||||
| CVE-2018-11872 | 1 Qualcomm | 6 Sd 845, Sd 845 Firmware, Sd 850 and 3 more | 2019-04-03 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660 | |||||
| CVE-2018-18021 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-04-03 | 3.6 LOW | 7.1 HIGH |
| arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes. | |||||
| CVE-2018-10916 | 3 Canonical, Lftp Project, Opensuse | 3 Ubuntu Linux, Lftp, Leap | 2019-04-02 | 7.8 HIGH | 6.5 MEDIUM |
| It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system. | |||||
| CVE-2018-13798 | 1 Siemens | 6 Sicam A8000 Cp-8000, Sicam A8000 Cp-8000 Firmware, Sicam A8000 Cp-802x and 3 more | 2019-04-02 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V14), SICAM A8000 CP-802X (All versions < V14), SICAM A8000 CP-8050 (All versions < V2.00). Specially crafted network packets sent to port 80/TCP or 443/TCP could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the web server. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/TCP or 443/TCP. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the web server. A system reboot is required to recover the web service of the device. At the time of advisory update, exploit code for this security vulnerability is public. | |||||