CVE-2018-19756
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service.
Source: CVE-2018-19756
CVE-2018-19756
There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service.
Source: CVE-2018-19756
CVE-2018-19757
There is a NULL pointer dereference at function sixel_helper_set_additional_message (status.c) in libsixel 1.8.2 that will cause a denial of service.
Source: CVE-2018-19757
CVE-2018-19763
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.
Source: CVE-2018-19763
CVE-2018-19759
There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service.
Source: CVE-2018-19759
CVE-2018-19758
There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
Source: CVE-2018-19758
CVE-2018-19527
i4 assistant 7.85 allows XSS via a crafted machine name field within iOS settings.
Source: CVE-2018-19527
CVE-2018-19497
In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c).
Source: CVE-2018-19497
CVE-2018-19752
DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.
Source: CVE-2018-19752
CVE-2018-18619
internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter. NOTE: The product is discontinued.
Source: CVE-2018-18619