olivia

61 exploits Active since Jul 2018
CVE-2018-13866 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c.
CVSS 9.8
CVE-2018-13867 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
CVSS 9.8
CVE-2018-13868 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c.
CVSS 9.8
CVE-2018-13870 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
CVSS 9.8
CVE-2018-13871 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Write
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c.
CVSS 9.8
CVE-2018-13873 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 < 1.8.20 - Out-of-Bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c.
CVSS 9.8
CVE-2018-13874 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Write
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.
CVSS 9.8
CVE-2018-13875 WRITEUP HIGH WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c.
CVSS 7.8
CVE-2018-13876 WRITEUP CRITICAL WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Write
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.
CVSS 9.8
CVE-2018-16368 WRITEUP MEDIUM WRITEUP
Xpdf - Out-of-Bounds Read
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVSS 5.5
CVE-2018-16369 WRITEUP MEDIUM WRITEUP
Xpdf - Denial of Service
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453.
CVSS 5.5
CVE-2018-16438 WRITEUP HIGH WRITEUP
Hdfgroup Hdf5 - Out-of-Bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
CVSS 8.8
CVE-2018-17096 WRITEUP MEDIUM WRITEUP
Olli Parviainen SoundTouch 2.0 - DoS
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch.
CVSS 6.5
CVE-2018-18454 WRITEUP MEDIUM WRITEUP
Xpdf - Out-of-Bounds Read
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVSS 5.5
CVE-2018-18455 WRITEUP MEDIUM WRITEUP
Xpdf - Out-of-Bounds Read
The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVSS 5.5
CVE-2018-18456 WRITEUP MEDIUM WRITEUP
Xpdf - Out-of-Bounds Read
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVSS 5.5
CVE-2018-18457 WRITEUP MEDIUM WRITEUP
Xpdf - NULL Pointer Dereference
The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
CVSS 5.5
CVE-2018-18458 WRITEUP MEDIUM WRITEUP
Xpdf - NULL Pointer Dereference
The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
CVSS 5.5
CVE-2018-18459 WRITEUP MEDIUM WRITEUP
Xpdf - NULL Pointer Dereference
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.
CVSS 5.5
CVE-2018-18662 WRITEUP MEDIUM WRITEUP
Artifex Mupdf - Out-of-Bounds Read
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
CVSS 5.5
CVE-2018-19503 WRITEUP HIGH WRITEUP
Freeware Advanced Audio Decoder 2 <2.8.1 - Buffer Overflow
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
CVSS 7.8
CVE-2018-19504 WRITEUP HIGH WRITEUP
Freeware Advanced Audio Decoder 2 <2.8.1 - Memory Corruption
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.
CVSS 7.8
CVE-2018-19881 WRITEUP MEDIUM WRITEUP
Artifex MuPDF 1.14.0 - DoS
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
CVSS 5.5
CVE-2018-19882 WRITEUP MEDIUM WRITEUP
Artifex MuPDF <1.14.0 - DoS
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
CVSS 5.5
CVE-2018-20096 WRITEUP MEDIUM WRITEUP
Exiv2 <0.27-RC3 - Buffer Overflow
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
CVSS 6.5