|
246391
|
7.5 |
HIGH
Network
|
axml_parser_project
|
axml_parser
|
CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14401
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246392
|
9.8 |
CRITICAL
Network
|
phpcms_project
|
phpcms
|
libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content]…
|
CWE-94
Code Injection
|
CVE-2018-14399
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246393
|
6.5 |
MEDIUM
Network
|
debian
ffmpeg
|
debian_linux
ffmpeg
|
libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the M…
|
CWE-369
Divide By Zero
|
CVE-2018-14395
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246394
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.
|
CWE-369
Divide By Zero
|
CVE-2018-14394
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246395
|
6.1 |
MEDIUM
Network
|
mybb
|
new_threads
|
The New Threads plugin before 1.2 for MyBB has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-14392
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246396
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14370
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246397
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before …
|
CWE-20
Improper Input Validation
|
CVE-2018-14369
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246398
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2018-14368
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246399
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.
|
CWE-252
Unchecked Return Value
|
CVE-2018-14367
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246400
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a b…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14344
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
