CVE-2018-14450

An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.

Publication date: Fri, 20 Jul 2018 20:29:00 +0000

Cyber News related to CVE-2018-14450

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com

CVE-2018-14450 - An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp. ...
6 years ago

CVE-2019-14451 - RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an "external ...
5 years ago

CVE-2019-14450 - A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker ...
5 years ago

CVE-2020-14450 - An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers to cause a denial of service (client-side), aka MMSA-2020-0017. ...
4 years ago

CVE-2017-14450 - A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. ...
2 years ago

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0769 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0778 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0773 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0772 - Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 ...
4 years ago

CVE-2018-0758 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0781 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0770 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

Latest Cyber News

Threat Actors Exploiting DeepSeek's Popularity To Deploy Malware - 28 minutes ago
Windows 11’s New Compression Formats Pose Security Risks with libarchive - 46 minutes ago
Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) To Hack Windows Systems - 2 hours ago
New Malware Exploiting Outlook As a Communication Channel via The Microsoft Graph API - 2 hours ago
Have I Been Pwned likely to Ban Resellers - 3 hours ago
Path Confusion in Nginx/Apache Leads to Critical Auth Bypass in PAN-OS - 3 hours ago
Amazon Machine Image Name Confusion Attack Let Attackers Publish Resource - 3 hours ago
KASLR Exploited: Breaking macOS Apple Silicon Kernel Hardening Techniques - 4 hours ago
Hackers Using Pyramid Pentesting Tool For Stealthy C2 Communications - 5 hours ago
BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 6 hours ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 8 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 9 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 10 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 10 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 10 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 13 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 13 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 13 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 14 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 15 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Threat Actors Exploiting DeepSeek's Popularity To Deploy Malware - 28 minutes ago
Windows 11’s New Compression Formats Pose Security Risks with libarchive - 46 minutes ago
Russian Hackers Leverages Weaponized Microsoft Key Management Service (KMS) To Hack Windows Systems - 2 hours ago
New Malware Exploiting Outlook As a Communication Channel via The Microsoft Graph API - 2 hours ago
Have I Been Pwned likely to Ban Resellers - 3 hours ago
Path Confusion in Nginx/Apache Leads to Critical Auth Bypass in PAN-OS - 3 hours ago
Amazon Machine Image Name Confusion Attack Let Attackers Publish Resource - 3 hours ago
KASLR Exploited: Breaking macOS Apple Silicon Kernel Hardening Techniques - 4 hours ago
Hackers Using Pyramid Pentesting Tool For Stealthy C2 Communications - 5 hours ago
BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 6 hours ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 8 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 9 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 10 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 10 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 10 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 13 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 13 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 13 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 14 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 15 hours ago