IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138710.
NVD-CWE-noinfo
CVE-2018-14048
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
CVE-2018-14049
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function print_info in wav_info/wav_info.c.
CVE-2018-14050
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_free in libwav.c.
CVE-2018-14052
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function apply_gain in wav_gain/wav_gain.c.
CVE-2018-14020
An issue was discovered in the Paymorrow module 1.0.0 before 1.0.2 and 2.0.0 before 2.0.1 for OXID eShop. An attacker can bypass delivery-address change detection if the payment module doesn’t use eShop’s checkout procedure properly. To do so, the attacker must change the delivery address to one that is not verified by the Paymorrow module.