CVE-2018-17336
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.
Source: CVE-2018-17336
CVE-2018-17334
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
Source: CVE-2018-17334
CVE-2018-17332
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
Source: CVE-2018-17332
CVE-2018-17333
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
Source: CVE-2018-17333
CVE-2018-17321
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
Source: CVE-2018-17321
CVE-2018-17322
Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter.
Source: CVE-2018-17322
CVE-2018-14889
CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability.
Source: CVE-2018-14889
CVE-2018-14891
Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability.
Source: CVE-2018-14891
CVE-2018-14890
Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management Console.
Source: CVE-2018-14890
CVE-2018-12169
Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.
Source: CVE-2018-12169