Total
10626 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10387 | 1 Google | 1 Android | 2018-04-19 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario. | |||||
| CVE-2016-10384 | 1 Google | 1 Android | 2018-04-19 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl. | |||||
| CVE-2015-0574 | 1 Google | 1 Android | 2018-04-19 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient. | |||||
| CVE-2014-9971 | 1 Google | 1 Android | 2018-04-19 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow. | |||||
| CVE-2014-2032 | 2 Deadwood Project, Maradns Project | 2 Deadwood, Maradns | 2018-04-18 | 4.3 MEDIUM | 5.9 MEDIUM |
| Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to missing input validation. | |||||
| CVE-2017-18240 | 1 Collectd | 1 Collectd | 2018-04-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL (when the service is stopped). | |||||
| CVE-2018-1000125 | 1 Inversoft | 1 Prime-jwt | 2018-04-16 | 7.5 HIGH | 9.8 CRITICAL |
| inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack appear to be exploitable via an attacker crafting a token with a valid header and body and then requests it to be validated. This vulnerability appears to have been fixed in 1.3.0 and later or after commit 0d94dcef0133d699f21d217e922564adbb83a227. | |||||
| CVE-2012-2625 | 1 Xen | 2 Xen, Xen-unstable | 2018-04-13 | 2.7 LOW | N/A |
| The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image. | |||||
| CVE-2017-17967 | 1 Ksosoft | 1 Wps Office | 2018-04-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482. | |||||
| CVE-2017-17952 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2018-04-13 | 5.0 MEDIUM | 8.6 HIGH |
| PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. | |||||
| CVE-2017-15667 | 1 Flexense | 1 Sysgauge | 2018-04-13 | 5.0 MEDIUM | 7.5 HIGH |
| In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9221. | |||||
| CVE-2018-8711 | 1 Woocommerce-filter | 1 Woocommerce Products Filter | 2018-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The vulnerability is due to the lack of args/input validation on render_html before allowing it to be called by extract(), a PHP built-in function. Because of this, the supplied args/input can be used to overwrite the $pagepath variable, which then could lead to a local file inclusion attack. | |||||
| CVE-2018-8050 | 1 Afflib Project | 1 Afflib | 2018-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) through 3.7.16 allows remote attackers to cause a denial of service (segmentation fault) via a corrupt AFF image that triggers an unexpected pagesize value. | |||||
| CVE-2018-8904 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002000. | |||||
| CVE-2018-8876 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222098. | |||||
| CVE-2018-8875 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x0022209c. | |||||
| CVE-2018-8874 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222054. | |||||
| CVE-2018-8873 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. | |||||
| CVE-2018-8896 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222044. | |||||
| CVE-2018-8895 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2018-04-12 | 6.1 MEDIUM | 7.8 HIGH |
| In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. | |||||