| 2018-09-04 | CVE-2018-10907 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. | 8.8 |
| 2018-09-04 | CVE-2018-10904 | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. | 8.8 |
| 2018-09-04 | CVE-2018-16430 | Out-of-bounds Read vulnerability in multiple products
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. | 8.8 |
| 2018-09-02 | CVE-2018-16335 | Out-of-bounds Write vulnerability in multiple products
newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. | 8.8 |
| 2018-08-31 | CVE-2018-16276 | Out-of-bounds Write vulnerability in multiple products
An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. | 7.8 |
| 2018-08-30 | CVE-2018-14622 | Unchecked Return Value vulnerability in multiple products
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. | 7.5 |
| 2018-08-30 | CVE-2018-16058 | Improper Initialization vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. | 7.5 |
| 2018-08-30 | CVE-2018-16057 | In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. | 7.5 |
| 2018-08-30 | CVE-2018-16056 | In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. | 7.5 |
| 2018-08-29 | CVE-2018-1318 | Improper Input Validation vulnerability in multiple products
Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request. | 7.5 |