CVE-2018-9145

In Exiv2 0.26, there is a reachable assertion abort in the function Exiv2::DataBuf::DataBuf at include/exiv2/types.hpp.

Source: CVE-2018-9145

CVE-2018-9144

In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.

Source: CVE-2018-9144

CVE-2018-9143

On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.

Source: CVE-2018-9143

CVE-2018-9142

On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.

Source: CVE-2018-9142

CVE-2018-9141

On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.

Source: CVE-2018-9141

CVE-2018-9130

IBOS 4.4.3 has XSS via a company full name.

Source: CVE-2018-9130

CVE-2018-9140

On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747.

Source: CVE-2018-9140

CVE-2018-9132

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.

Source: CVE-2018-9132

CVE-2018-9133

ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file.

Source: CVE-2018-9133

CVE-2018-9135

In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.

Source: CVE-2018-9135