|
246901
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file…
|
CWE-20
Improper Input Validation
|
CVE-2018-12459
|
2024-11-21 12:45 |
2018-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246902
|
6.5 |
MEDIUM
Network
|
ffmpeg
debian
|
ffmpeg
debian_linux
|
An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, l…
|
CWE-20
Improper Input Validation
|
CVE-2018-12458
|
2024-11-21 12:45 |
2018-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246903
|
8.8 |
HIGH
Network
|
expresscart_project
|
expresscart
|
expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-12457
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246904
|
8.8 |
HIGH
Network
|
libbpg_project
|
libbpg
|
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code executio…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2018-12447
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246905
|
4.7 |
MEDIUM
Local
|
google
|
boringssl
|
BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a DSA key, the attacker needs access to eit…
|
CWE-200
Information Exposure
|
CVE-2018-12440
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246906
|
4.7 |
MEDIUM
Local
|
matrixssl
|
matrixssl
|
MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access t…
|
CWE-200
Information Exposure
|
CVE-2018-12439
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246907
|
4.9 |
MEDIUM
Physics
|
libsunec_project
|
libsunec
|
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECD…
|
CWE-200
CWE-320
Information Exposure
Key Management Errors
|
CVE-2018-12438
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246908
|
4.9 |
MEDIUM
Physics
|
libtom
linaro
|
libtomcrypt
op-tee
|
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to …
|
CWE-200
Information Exposure
|
CVE-2018-12437
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246909
|
4.7 |
MEDIUM
Local
|
wolfssl
|
wolfssl
|
wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the a…
|
CWE-200
Information Exposure
|
CVE-2018-12436
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246910
|
5.9 |
MEDIUM
Local
|
botan_project
|
botan
|
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.c…
|
CWE-200
Information Exposure
|
CVE-2018-12435
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
