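Filter CVEs associated with vulnerabilities classified as Overflow by publication year. The list is sorted with the most recent publications first, and can be narrowed further by the CVSS / EPSS risk metrics.
This view helps security teams keep track of recent vulnerability disclosures and trends, and quickly identify high-risk issues and the likelihood of exploitation.
Showing CVEs published in 2018 and classified as Overflow.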
| CVE | Description | Max CVSS | EPSS (%) | Published | Updated |
|---|---|---|---|---|---|
| CVE-2018-6344 | A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS prior to v2.18.93, and WhatsApp for Windows Phone prior to v2.18.172. | 7.5 | 0.57% | 2018-12-31 | 2025-05-06 |
| CVE-2018-6340 | The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below). | 8.1 | 0.43% | 2018-12-31 | 2025-05-06 |
| CVE-2018-6337 | folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00. | 7.5 | 0.29% | 2018-12-31 | 2025-05-06 |
| CVE-2018-18601 | The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow. | 8.1 | 0.46% | 2018-12-31 | 2025-05-06 |
| CVE-2018-20618 | ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c. | 8.8 | 0.40% | 2018-12-31 | 2025-05-06 |
| CVE-2018-20591 | A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx. | 6.5 | 0.28% | 2018-12-30 | 2024-11-21 |
| CVE-2018-20588 | lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read. | 6.5 | 0.29% | 2018-12-30 | 2024-11-21 |
| CVE-2018-18667 | The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value, a related issue to CVE-2018-11812. | 7.5 | 0.29% | 2018-12-28 | 2024-11-21 |
| CVE-2018-18666 | The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 | 0.29% | 2018-12-28 | 2024-11-21 |
| CVE-2018-18665 | The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 7.5 | 0.41% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20574 | The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | 6.5 | 1.24% | 2018-12-28 | 2025-11-03 |
| CVE-2018-20573 | The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | 6.5 | 1.24% | 2018-12-28 | 2025-11-03 |
| CVE-2018-20570 | jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read. | 6.5 | 1.00% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20553 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | 7.8 | 0.25% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20552 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | 7.8 | 0.25% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20549 | There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. | 8.8 | 0.93% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20548 | There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. | 8.8 | 0.81% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20547 | There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. | 8.1 | 1.01% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20546 | There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. | 8.1 | 2.27% | 2018-12-28 | 2024-11-21 |
| CVE-2018-20545 | There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. | 8.8 | 1.91% | 2018-12-28 | 2024-11-21 |