Skip to main content
CVE-2018-5855 CRITICAL PATCH Act Now

While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Google Mozilla +1
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2018-3608 CRITICAL Act Now

A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Trend Micro RCE Antivirus Security Internet Security +4
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2018-3586 CRITICAL Act Now

An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Linux Google Mozilla +1
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2018-13410 CRITICAL Act Now

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Zip
NVD
CVSS 3.0
9.8
EPSS
4.0%
CVE-2018-5885 CRITICAL Act Now

While loading dynamic fonts, a buffer overflow may occur if the number of segments in the font file is out of range in Snapdragon Mobile and Snapdragon Wear. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Msm8909W Firmware Msm8996au Firmware Sd 210 Firmware +9
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2018-5882 CRITICAL Act Now

While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Qualcomm Mdm9206 Firmware Mdm9607 Firmware +22
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2018-5878 CRITICAL Act Now

While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware Mdm9635M Firmware +9
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2018-13347 CRITICAL PATCH Act Now

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Mercurial
NVD
CVSS 3.0
9.8
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy