Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-02-28 CVE-2018-7553 Out-of-bounds Write vulnerability in multiple products
There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-787
critical
 9.8
9.8
2018-02-28 CVE-2018-7552 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-119
critical
 9.8
9.8
2018-02-28 CVE-2018-7551 Use After Free vulnerability in multiple products
There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-416
critical
 9.8
9.8
2018-02-28 CVE-2018-6641 Use After Free vulnerability in Wiris Mathtype 6.9C
An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.
network
low complexity
wiris CWE-416
critical
 9.8
9.8
2018-02-28 CVE-2018-6640 Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C
A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.
network
low complexity
wiris CWE-787
critical
 9.8
9.8
2018-02-28 CVE-2018-6639 Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C
An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.
network
low complexity
wiris CWE-787
critical
 9.8
9.8
2018-02-28 CVE-2018-6638 Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C
A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.
network
low complexity
wiris CWE-787
critical
 9.8
9.8
2018-02-27 CVE-2018-7548 NULL Pointer Dereference vulnerability in multiple products
In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.
network
low complexity
zsh canonical CWE-476
critical
 9.8
9.8
2018-02-27 CVE-2017-18206 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
network
low complexity
zsh canonical CWE-119
critical
 9.8
9.8
2018-02-27 CVE-2016-10714 Numeric Errors vulnerability in multiple products
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
network
low complexity
zsh canonical CWE-189
critical
 9.8
9.8