Export limit exceeded: 86795 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (86795 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-3892 1 Yitechnology 2 Yi Home Camera, Yi Home Camera Firmware 2024-11-21 8.1 High
An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability.
CVE-2018-3889 1 Pl32 1 Photoline 2024-11-21 7.8 High
A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
CVE-2018-3888 1 Pl32 1 Photoline 2024-11-21 7.8 High
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
CVE-2018-3887 1 Pl32 1 Photoline 2024-11-21 7.8 High
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
CVE-2018-3886 1 Pl32 1 Photoline 2024-11-21 7.8 High
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
CVE-2018-3879 1 Samsung 2 Sth-eth-250, Sth-eth-250 Firmware 2024-11-21 8.8 High
An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVE-2018-3876 1 Samsung 2 Sth-eth-250, Sth-eth-250 Firmware 2024-11-21 8.8 High
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket" value in order to exploit this vulnerability.
CVE-2018-3871 1 Acdsystems 1 Canvas Draw 2024-11-21 7.8 High
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3870.
CVE-2018-3870 1 Acdsystems 1 Canvas Draw 2024-11-21 7.8 High
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3871.
CVE-2018-3868 1 Computer-insel 1 Photoline 2024-11-21 7.8 High
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
CVE-2018-3865 1 Samsung 2 Sth-eth-250, Sth-eth-250 Firmware 2024-11-21 8.8 High
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "cameraIp" value in order to exploit this vulnerability.
CVE-2018-3864 1 Samsung 2 Sth-eth-250, Sth-eth-250 Firmware 2024-11-21 8.8 High
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability.
CVE-2018-3862 1 Computer-insel 1 Photoline 2024-11-21 7.8 High
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting
CVE-2018-3861 1 Computer-insel 1 Photoline 2024-11-21 7.8 High
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
CVE-2018-3860 1 Acdsystems 1 Canvas Draw 2024-11-21 7.8 High
An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3859.
CVE-2018-3859 1 Acdsystems 1 Canvas Draw 2024-11-21 7.8 High
An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3860.
CVE-2018-3858 1 Acdsystems 1 Canvas Draw 2024-11-21 7.8 High
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3857.
CVE-2018-3857 1 Acdsystems 1 Canvas Draw 2024-11-21 7.8 High
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3858.
CVE-2018-3855 1 Hyland 1 Perceptive Document Filters 2024-11-21 7.8 High
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
CVE-2018-3854 1 Intuit 1 Quicken 2018 2024-11-21 7.1 High
An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. A specially crafted sqlite3 request can cause the removal of the password protection, allowing an attacker to access and modify the data without knowing the password. An attacker needs to have access to the password-protected files to trigger this vulnerability.