CVEs

CVE Aggregator

| CVE ID | Severity | Classification Group | Target | Description | Report Date |
| --- | --- | --- | --- | --- | --- |
| CVE-2018-18385 | Medium | Denial of Service | asciidoctor | A denial of service in the Asciidoctor parser, triggered by malicious input, was discovered by fuzzing the Asciidoctor Ruby code. Fixed in Asciidoctor 1.5.8. | October 16, 2018 |
| CVE-2018-11506 | High | Stack Overflow | Linux Kernel | Linux kernel through 4.16.12 allows local users to cause a stack-based buffer overflow because buffers have different sizes at the CDROM layer and the SCSI layer. | May 31, 2018 |
| CVE-2018-10839 | | | QEMU | CVE RESERVED for possible out-of-bounds access in ne2000. | May 21, 2018 |
| CVE-2018-1098 | High | CSRF | etcd | A cross-site request forgery flaw in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. | February 25, 2018 |
| CVE-2018-1099 | Medium | Input Validation | etcd | DNS rebinding vulnerability in etcd 3.3.1 and earlier. | February 25, 2018 |
| CVE-2017-16544 | Medium | Output Sanitization | Busybox | The Busybox shell does not sanitize filenames, which results in any escape sequence being executed in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | November 7, 2017 |
| CVE-2017-15873 | Medium | Integer Overflow | Busybox | The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | October 22, 2017 |
| CVE-2017-15874 | Medium | Integer Underflow | Busybox | archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. | October 22, 2017 |
| CVE-2017-9951 | High | Integer Overflow | memcached | The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key. | July 13, 2017 |
| CVE-2017-9669 | High | Heap Overflow | Alpine Linux | A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file. | June 25, 2017 |
| CVE-2017-9671 | High | Heap Overflow | Alpine Linux | A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block. | June 25, 2017 |
