Skip to main content
CVE-2018-20365 MEDIUM POC This Month

LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libraw
NVD GitHub
CVSS 3.0
6.5
EPSS
2.8%
CVE-2018-20364 MEDIUM POC This Month

LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libraw
NVD GitHub
CVSS 3.0
6.5
EPSS
2.6%
CVE-2018-20363 MEDIUM POC This Month

LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libraw
NVD GitHub
CVSS 3.0
6.5
EPSS
2.8%
CVE-2018-20349 MEDIUM POC This Month

The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Igraph
NVD GitHub
CVSS 3.0
6.5
EPSS
1.6%
CVE-2018-20367 MEDIUM POC This Month

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8_181212 has stored XSS via the consultContent parameter, as demonstrated by the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Wstmart
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-20362 MEDIUM POC This Month

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Freeware Advanced Audio Decoder 2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.2%
CVE-2018-20361 MEDIUM POC This Month

An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Freeware Advanced Audio Decoder 2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.2%
CVE-2018-20360 MEDIUM POC This Month

An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Freeware Advanced Audio Decoder 2 Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
1.1%
CVE-2018-20359 MEDIUM POC This Month

An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Freeware Advanced Audio Decoder 2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.2%
CVE-2018-20358 MEDIUM POC This Month

An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Freeware Advanced Audio Decoder 2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.2%
CVE-2018-20357 MEDIUM POC This Month

A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Freeware Advanced Audio Decoder 2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.2%
CVE-2018-20348 MEDIUM POC This Month

libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libpff
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-20351 MEDIUM This Month

The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Evernote
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-19863 MEDIUM This Month

An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple 1Password
NVD
CVSS 3.0
5.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy