| Month | Quarter | Year |
|---|---|---|
| #18 | #19 | #N/A |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2018-6966 | CWE-125 | Out-of-bounds Read | 8.1 |
|
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6967.
|
|||
| CVE-2018-6965 | CWE-125 | Out-of-bounds Read | 8.1 |
|
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6966 and CVE-2018-6967.
|
|||
| CVE-2018-6957 | CWE-399 | Resource Management Errors | 5.3 |
|
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.
|
|||
| CVE-2018-4996 | CWE-416 | Use After Free | 9.8 |
|
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||
| CVE-2018-4947 | CWE-119 | Buffer Errors | 9.8 |
|
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||
| CVE-2018-4901 | CWE-787 | Out-of-bounds Write | 8.8 |
|
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the document identity representation. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
|
|||
| CVE-2018-4456 | CWE-119 | Buffer Errors | 7.8 |
|
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.
|
|||
| CVE-2018-4421 | CWE-119 | Buffer Errors | 7.8 |
|
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
|
|||
| CVE-2018-19716 | CWE-119 | Buffer Errors | 9.8 |
|
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2018-16076 | CWE-125 | Out-of-bounds Read | 8.8 |
|
Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
|
|||