Security Vulnerabilities - CVEs Published In August 2018
An issue has been found in jpeg_encoder through 2015-11-27. It is a heap-based buffer overflow in the function readFromBMP in jpeg_encoder.cpp.
An issue has been found in PDF2JSON 0.69. The HtmlString class in ImgOutputDev.cc has Mismatched Memory Management Routines (malloc versus operator delete).
An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete).
An issue has been found in dilawar sound through 2017-11-27. The end of openWavFile in wav-file.cc has Mismatched Memory Management Routines (operator new [] versus operator delete).
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<svg><a xlink:href=" attack.
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<form action='data:text" attack.
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math><maction xlink:href=" attack.
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math xlink:href=" attack.
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).