CVE-2018-16864

HIGH Year: 2018
CVSS v3 Score
7.4
High
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-770
View all →

Vulnerability Description

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.

Related Vulnerabilities

CVE-2020-8203

HIGH
CVSS:7.4(High)

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

CWE-7702020

CVE-2021-1285

HIGH
CVSS:7.4(High)

Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the Snort detection engine that could allow an unauthenticated, adjacent attacker to cause a denial of ser...

CWE-7702021

CVE-2025-20141

HIGH
CVSS:7.4(High)

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to ca...

CWE-7702025

CVE-2016-20013

HIGH
CVSS:7.5(High)

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

CWE-7702016

CVE-2016-4074

HIGH
CVSS:7.5(High)

The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jq 1.6_rc1-r0.

CWE-7702016

CVE-2017-11468

HIGH
CVSS:7.5(High)

Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumptio...

CWE-7702017