Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2017-18281 A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel | N/A | NONE | β | 0 |
| CVE-2018-11867 Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845. | N/A | NONE | β | 0 |
| CVE-2018-11856 Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850. | N/A | NONE | β | 0 |
| CVE-2018-11857 Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850 | N/A | NONE | β | 0 |
| CVE-2018-11858 When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850. | N/A | NONE | β | 0 |
| CVE-2018-11859 Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850. | N/A | NONE | β | 0 |
| CVE-2018-11870 Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in ... | N/A | NONE | β | 0 |
| CVE-2018-11861 Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. | N/A | NONE | β | 0 |
| CVE-2018-11862 Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. | N/A | NONE | β | 0 |
| CVE-2018-11865 Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210... | N/A | NONE | β | 0 |
| CVE-2018-11866 Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607... | N/A | NONE | β | 0 |
| CVE-2018-11871 Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019... | N/A | NONE | β | 0 |
| CVE-2018-11872 Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660 | N/A | NONE | β | 0 |
| CVE-2018-11873 Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845. | N/A | NONE | β | 0 |
| CVE-2018-11874 Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | N/A | NONE | β | 0 |
| CVE-2018-11875 Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850. | N/A | NONE | β | 0 |
| CVE-2018-11876 Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | N/A | NONE | β | 0 |
| CVE-2018-11877 When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | N/A | NONE | β | 0 |
| CVE-2018-11879 When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845 | N/A | NONE | β | 0 |
| CVE-2018-11880 Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | N/A | NONE | β | 0 |
| CVE-2018-11882 Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | N/A | NONE | β | 0 |
| CVE-2018-18829 There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file. | N/A | NONE | β | 0 |
| CVE-2018-11884 Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 | N/A | NONE | β | 0 |
| CVE-2018-17908 WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attack... | N/A | NONE | β | 0 |
| CVE-2018-17910 WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. | N/A | NONE | β | 0 |
| CVE-2018-18387 playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. | N/A | NONE | β | 0 |
| CVE-2018-17615 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-18830 An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. Since the upload interface does not verify the user login status, you can use this interface to upload files wit... | N/A | NONE | β | 0 |
| CVE-2018-16478 A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root. | N/A | NONE | β | 0 |
| CVE-2018-17616 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-17617 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-17618 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-17619 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-18831 An issue was discovered in com\mingsoft\cms\action\GeneraterAction.java in MCMS 4.6.5. An attacker can write a .jsp file (in the position parameter) to an arbitrary directory via a ../ Directory Trave... | N/A | NONE | β | 0 |
| CVE-2018-17620 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-17621 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-17622 This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that ... | 6.5 | MEDIUM | β | 0 |
| CVE-2018-17623 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-18832 admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID cookie to admin/admin.asp. | N/A | NONE | β | 0 |
| CVE-2018-17624 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the targ... | N/A | NONE | β | 0 |
| CVE-2018-17706 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in... | N/A | NONE | β | 0 |
| CVE-2018-18817 The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to modify registry keys via the Leostream Agent API. | N/A | NONE | β | 0 |
| CVE-2018-18822 Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter. | N/A | NONE | β | 0 |
| CVE-2018-18825 Pagoda Linux panel V6.0 has XSS via the verification code associated with an invalid account login. A crafted code is mishandled during rendering of the login log. | N/A | NONE | β | 0 |
| CVE-2018-18826 There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file. | N/A | NONE | β | 0 |
| CVE-2018-18827 There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file. | N/A | NONE | β | 0 |
| CVE-2018-18828 There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file. | N/A | NONE | β | 0 |
| CVE-2018-18842 CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP 1.5.2.1935 (Zero), which allows remote attackers to execute arbitrary PHP code. | N/A | NONE | β | 0 |
| CVE-2018-0734 The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in Open... | 5.9 | MEDIUM | β | 0 |
| CVE-2015-7266 The Interactive Advertising Bureau (IAB) OpenRTB 2.3 protocol implementation might allow remote attackers to conceal the status of ad transactions and potentially compromise bid integrity by leveragin... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.