Security Vulnerabilities - CVEs Published In October 2018
When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCN5502, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-10-23
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-10-23
Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-10-23
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash.
CVSS Score
5.3
EPSS Score
0.001
Published
2018-10-23
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
CVSS Score
6.5
EPSS Score
0.027
Published
2018-10-23
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
CVSS Score
4.3
EPSS Score
0.004
Published
2018-10-23
chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application
CVSS Score
5.3
EPSS Score
0.004
Published
2018-10-23
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-10-22
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a palette.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-10-22
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a swap.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-10-22