Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 28 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-19840
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack up to and including 5.1.0 allows malicious users to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sampl...
Wavpack Wavpack
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
383
VMScore
CVE-2018-19841
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack up to and including 5.1.0 allows malicious users to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
Wavpack Wavpack
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Debian Debian Linux 9.0
668
VMScore
CVE-2018-8786
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Fedoraproject Fedora 28
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
383
VMScore
CVE-2018-18407
A heap-based buffer over-read exists in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.
Broadcom Tcpreplay 4.3.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
383
VMScore
CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.
Digitalcorpora Tcpflow 1.5.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
668
VMScore
CVE-2018-18408
A use-after-free exists in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
Broadcom Tcpreplay 4.3.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
445
VMScore
CVE-2018-17848
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM, during an html...
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
445
VMScore
CVE-2018-17847
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActive...
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
445
VMScore
CVE-2018-17846
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
445
VMScore
CVE-2018-17143
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »