Search Results (21038 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-13898 1 Qualcomm 80 Mdm9150, Mdm9150 Firmware, Mdm9206 and 77 more 2024-11-21 N/A
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130
CVE-2018-13876 1 Hdfgroup 1 Hdf5 2024-11-21 N/A
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.
CVE-2018-13874 1 Hdfgroup 1 Hdf5 2024-11-21 N/A
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.
CVE-2018-13872 1 Hdfgroup 1 Hdf5 2024-11-21 N/A
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c.
CVE-2018-13871 1 Hdfgroup 1 Hdf5 2024-11-21 N/A
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c.
CVE-2018-13833 1 Cmft Project 1 Cmft 2024-11-21 N/A
An issue was discovered in cmft through 2017-09-24. The cmft::rwReadFile function in image.cpp allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact.
CVE-2018-13797 1 Node-macaddress Project 1 Node-macaddress 2024-11-21 N/A
The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
CVE-2018-13794 1 Catimg Project 1 Catimg 2024-11-21 9.8 Critical
A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_image.h in catimg 2.4.0.
CVE-2018-13443 1 Block 1 Jit-wasm 2024-11-21 N/A
EOS.IO jit-wasm 4.1 has a heap-based buffer overflow via a crafted wast file.
CVE-2018-13418 1 Terra-master 1 Terramaster Operating System 2024-11-21 N/A
System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter.
CVE-2018-13358 1 Terra-master 1 Terramaster Operating System 2024-11-21 N/A
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter.
CVE-2018-13354 1 Terra-master 1 Terramaster Operating System 2024-11-21 N/A
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter.
CVE-2018-13353 1 Terra-master 1 Terramaster Operating System 2024-11-21 N/A
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter.
CVE-2018-13347 2 Mercurial, Redhat 2 Mercurial, Enterprise Linux 2024-11-21 N/A
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.
CVE-2018-13338 1 Terra-master 1 Terramaster Operating System 2024-11-21 N/A
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation.
CVE-2018-13336 1 Terra-master 1 Terramaster Operating System 2024-11-21 N/A
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation.
CVE-2018-13330 1 Terra-master 1 Terramaster Operating System 2024-11-21 N/A
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter.
CVE-2018-13320 1 Buffalo 2 Ts5600d1206, Ts5600d1206 Firmware 2024-11-21 N/A
System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters.
CVE-2018-13318 1 Buffalo 2 Ts5600d1206, Ts5600d1206 Firmware 2024-11-21 N/A
System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.
CVE-2018-13316 1 Totolink 2 A3002ru, A3002ru Firmware 2024-11-21 N/A
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter.