CVE-2018-1470

IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system. IBM X-Force ID: 140688.

Source: CVE-2018-1470

CVE-2018-14471

dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.

Source: CVE-2018-14471

CVE-2018-1398

IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. IBM X-Force ID: 138434.

Source: CVE-2018-1398

CVE-2018-1679

IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 145180.

Source: CVE-2018-1679

CVE-2018-14453

An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.

Source: CVE-2018-14453

CVE-2018-14449

An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.

Source: CVE-2018-14449

CVE-2018-14450

An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region’s chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.

Source: CVE-2018-14450

CVE-2018-14451

An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.

Source: CVE-2018-14451

CVE-2018-14459

An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h.

Source: CVE-2018-14459

CVE-2018-14460

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.

Source: CVE-2018-14460