Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-7317 | 2.6 |
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
|
21-10-2024 - 13:55 | 04-02-2019 - 08:29 | |
CVE-2019-9812 | 5.8 |
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that di
|
21-10-2024 - 13:55 | 08-01-2020 - 22:15 | |
CVE-2021-1723 | 5.0 |
ASP.NET Core and Visual Studio Denial of Service Vulnerability
|
08-10-2024 - 17:15 | 12-01-2021 - 20:15 | |
CVE-2019-19232 | 5.0 |
In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulne
|
05-08-2024 - 02:16 | 19-12-2019 - 21:15 | |
CVE-2019-10143 | 6.9 |
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a rad
|
04-08-2024 - 22:15 | 24-05-2019 - 17:29 | |
CVE-2019-6446 | 7.5 |
An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute
|
04-08-2024 - 21:15 | 16-01-2019 - 05:29 | |
CVE-2020-12831 | 4.3 |
An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via too
|
04-08-2024 - 12:15 | 13-05-2020 - 18:15 | |
CVE-2019-17626 | 7.5 |
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.
|
01-08-2024 - 13:41 | 16-10-2019 - 12:15 | |
CVE-2020-15999 | 4.3 |
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
25-07-2024 - 17:25 | 03-11-2020 - 03:15 | |
CVE-2019-13272 | 7.2 |
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with
|
24-07-2024 - 16:51 | 17-07-2019 - 13:15 | |
CVE-2019-11043 | 7.5 |
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the p
|
16-07-2024 - 17:52 | 28-10-2019 - 15:15 | |
CVE-2020-10673 | 6.8 |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).
|
03-07-2024 - 01:36 | 18-03-2020 - 22:15 | |
CVE-2019-11708 | 10.0 |
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vuln
|
02-07-2024 - 17:02 | 23-07-2019 - 14:15 | |
CVE-2019-1387 | 6.8 |
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names
|
26-06-2024 - 10:15 | 18-12-2019 - 21:15 | |
CVE-2020-1971 | 4.3 |
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they
|
21-06-2024 - 19:15 | 08-12-2020 - 16:15 | |
CVE-2019-20454 | 5.0 |
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which woul
|
27-03-2024 - 16:05 | 14-02-2020 - 14:15 | |
CVE-2020-8177 | 4.6 |
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
|
27-03-2024 - 16:04 | 14-12-2020 - 20:15 | |
CVE-2020-5395 | 6.8 |
FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.
|
08-03-2024 - 01:15 | 03-01-2020 - 20:15 | |
CVE-2019-15605 | 7.5 |
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
|
07-03-2024 - 21:24 | 07-02-2020 - 15:15 | |
CVE-2019-15606 | 7.5 |
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
|
07-03-2024 - 21:24 | 07-02-2020 - 15:15 | |
CVE-2019-20916 | 5.0 |
The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occ
|
08-02-2024 - 02:04 | 04-09-2020 - 20:15 | |
CVE-2019-14865 | 4.9 |
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subse
|
06-02-2024 - 18:15 | 29-11-2019 - 10:15 | |
CVE-2019-5736 | 9.3 |
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types
|
02-02-2024 - 12:15 | 11-02-2019 - 19:29 | |
CVE-2020-15811 | 4.0 |
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser s
|
02-02-2024 - 03:04 | 02-09-2020 - 17:15 | |
CVE-2020-1597 | 5.0 |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be ex
|
19-01-2024 - 00:15 | 17-08-2020 - 19:15 | |
CVE-2020-1045 | 5.0 |
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p>
<p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with th
|
31-12-2023 - 22:15 | 11-09-2020 - 17:15 | |
CVE-2020-12803 | 4.3 |
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which
|
31-12-2023 - 14:15 | 08-06-2020 - 16:15 | |
CVE-2019-14835 | 7.2 |
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descript
|
15-12-2023 - 15:29 | 17-09-2019 - 16:15 | |
CVE-2020-15862 | 7.2 |
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
|
31-10-2023 - 19:30 | 20-08-2020 - 01:17 | |
CVE-2020-13398 | 6.5 |
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
|
24-10-2023 - 15:31 | 22-05-2020 - 18:15 | |
CVE-2020-13397 | 2.1 |
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
|
24-10-2023 - 15:31 | 22-05-2020 - 18:15 | |
CVE-2019-9514 | 7.8 |
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the p
|
19-10-2023 - 03:15 | 13-08-2019 - 21:15 | |
CVE-2020-11080 | 5.0 |
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings e
|
16-10-2023 - 18:15 | 03-06-2020 - 23:15 | |
CVE-2020-1108 | 5.0 |
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
|
15-10-2023 - 16:43 | 21-05-2020 - 23:15 | |
CVE-2019-11324 | 5.0 |
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure i
|
08-10-2023 - 14:15 | 18-04-2019 - 21:29 | |
CVE-2020-25654 | 9.0 |
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing
|
29-09-2023 - 11:15 | 24-11-2020 - 20:15 | |
CVE-2019-3885 | 5.0 |
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.
|
29-09-2023 - 11:15 | 18-04-2019 - 18:29 | |
CVE-2019-14907 | 2.6 |
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such st
|
14-09-2023 - 17:15 | 21-01-2020 - 18:15 | |
CVE-2019-12384 | 4.3 |
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be
|
13-09-2023 - 14:16 | 24-06-2019 - 16:15 | |
CVE-2019-11811 | 6.9 |
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and
|
11-08-2023 - 19:54 | 07-05-2019 - 14:29 | |
CVE-2019-19527 | 7.2 |
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
|
04-08-2023 - 17:50 | 03-12-2019 - 16:15 | |
CVE-2019-6706 | 5.0 |
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.
|
23-06-2023 - 01:15 | 23-01-2019 - 19:29 | |
CVE-2020-10188 | 10.0 |
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
|
16-06-2023 - 17:44 | 06-03-2020 - 15:15 | |
CVE-2020-12049 | 4.9 |
An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or a
|
12-06-2023 - 07:15 | 08-06-2020 - 17:15 | |
CVE-2018-16838 | 5.5 |
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
|
29-05-2023 - 17:15 | 25-03-2019 - 18:29 | |
CVE-2019-20479 | 5.8 |
A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning.
|
25-05-2023 - 20:18 | 20-02-2020 - 06:15 | |
CVE-2020-8492 | 7.1 |
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicA
|
24-05-2023 - 21:15 | 30-01-2020 - 19:15 | |
CVE-2017-18640 | 5.0 |
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
|
21-05-2023 - 22:15 | 12-12-2019 - 03:15 | |
CVE-2019-0160 | 7.5 |
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
|
12-05-2023 - 05:15 | 27-03-2019 - 20:29 | |
CVE-2020-8597 | 7.5 |
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
|
05-05-2023 - 17:48 | 03-02-2020 - 23:15 | |
CVE-2019-7638 | 6.8 |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
|
03-05-2023 - 12:15 | 08-02-2019 - 11:29 | |
CVE-2019-13616 | 5.8 |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
|
03-05-2023 - 12:15 | 16-07-2019 - 17:15 | |
CVE-2019-3883 | 5.0 |
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are
|
24-04-2023 - 09:15 | 17-04-2019 - 14:29 | |
CVE-2020-28367 | 5.1 |
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive.
|
20-04-2023 - 00:15 | 18-11-2020 - 17:15 | |
CVE-2020-10663 | 5.0 |
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavi
|
28-03-2023 - 18:06 | 28-04-2020 - 21:15 | |
CVE-2019-12450 | 7.5 |
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
|
24-03-2023 - 18:29 | 29-05-2019 - 17:29 | |
CVE-2019-6111 | 5.8 |
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned
|
24-03-2023 - 18:12 | 31-01-2019 - 18:29 | |
CVE-2019-13038 | 4.3 |
mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
|
13-03-2023 - 00:15 | 29-06-2019 - 14:15 | |
CVE-2019-14973 | 4.3 |
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application cras
|
02-03-2023 - 17:53 | 14-08-2019 - 06:15 | |
CVE-2020-13777 | 5.8 |
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-
|
01-03-2023 - 16:48 | 04-06-2020 - 07:15 | |
CVE-2020-13867 | 2.1 |
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
|
01-03-2023 - 16:48 | 05-06-2020 - 18:15 | |
CVE-2019-10906 | 5.0 |
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
|
01-03-2023 - 14:56 | 07-04-2019 - 00:29 | |
CVE-2019-13313 | 2.1 |
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
|
28-02-2023 - 20:49 | 05-07-2019 - 14:15 | |
CVE-2019-12527 | 6.8 |
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leadin
|
28-02-2023 - 20:49 | 11-07-2019 - 19:15 | |
CVE-2020-13430 | 4.3 |
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
|
28-02-2023 - 15:15 | 24-05-2020 - 18:15 | |
CVE-2019-9811 | 5.1 |
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox <
|
28-02-2023 - 14:40 | 23-07-2019 - 14:15 | |
CVE-2019-16056 | 5.0 |
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and imple
|
28-02-2023 - 14:30 | 06-09-2019 - 18:15 | |
CVE-2019-17450 | 4.3 |
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
|
27-02-2023 - 15:32 | 10-10-2019 - 17:15 | |
CVE-2019-17451 | 4.3 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.
|
27-02-2023 - 15:32 | 10-10-2019 - 17:15 | |
CVE-2020-24659 | 5.0 |
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the app
|
27-02-2023 - 15:30 | 04-09-2020 - 15:15 | |
CVE-2020-14386 | 7.2 |
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
|
24-02-2023 - 18:42 | 16-09-2020 - 13:15 | |
CVE-2018-10910 | 2.1 |
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication
|
13-02-2023 - 04:51 | 28-01-2019 - 15:29 | |
CVE-2018-10896 | 3.6 |
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template sys
|
13-02-2023 - 04:51 | 01-08-2018 - 17:29 | |
CVE-2020-25662 | 3.3 |
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent rang
|
12-02-2023 - 23:40 | 05-11-2020 - 21:15 | |
CVE-2020-1722 | 5.4 |
A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unr
|
12-02-2023 - 23:40 | 27-04-2020 - 21:15 | |
CVE-2020-1726 | 5.8 |
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with a
|
12-02-2023 - 23:40 | 11-02-2020 - 20:15 | |
CVE-2020-10759 | 3.3 |
A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS
|
12-02-2023 - 23:39 | 15-09-2020 - 19:15 | |
CVE-2019-3816 | 5.0 |
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a sp
|
12-02-2023 - 23:38 | 14-03-2019 - 22:29 | |
CVE-2019-3833 | 5.0 |
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request t
|
12-02-2023 - 23:38 | 14-03-2019 - 22:29 | |
CVE-2019-14868 | 7.2 |
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote una
|
12-02-2023 - 23:36 | 02-04-2020 - 17:15 | |
CVE-2019-14834 | 4.3 |
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
|
12-02-2023 - 23:34 | 07-01-2020 - 17:15 | |
CVE-2019-10185 | 6.4 |
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the
|
12-02-2023 - 23:33 | 31-07-2019 - 23:15 | |
CVE-2019-10183 | 2.1 |
Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the s
|
12-02-2023 - 23:33 | 03-07-2019 - 14:15 | |
CVE-2019-10132 | 6.5 |
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock
|
12-02-2023 - 23:32 | 22-05-2019 - 18:29 | |
CVE-2018-10932 | 3.3 |
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
|
12-02-2023 - 23:31 | 21-08-2018 - 18:29 | |
CVE-2019-9959 | 4.3 |
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attac
|
11-02-2023 - 18:27 | 22-07-2019 - 15:15 | |
CVE-2020-8624 | 4.0 |
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to ch
|
10-02-2023 - 17:42 | 21-08-2020 - 21:15 | |
CVE-2020-16845 | 5.0 |
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
|
03-02-2023 - 02:28 | 06-08-2020 - 18:15 | |
CVE-2020-10730 | 4.0 |
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in
|
03-02-2023 - 02:26 | 07-07-2020 - 14:15 | |
CVE-2020-12674 | 5.0 |
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
|
03-02-2023 - 02:23 | 12-08-2020 - 16:15 | |
CVE-2019-20387 | 5.0 |
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
|
31-01-2023 - 20:49 | 21-01-2020 - 23:15 | |
CVE-2019-3003 | 4.0 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c
|
31-01-2023 - 19:05 | 16-10-2019 - 18:15 | |
CVE-2020-12421 | 4.3 |
When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the u
|
30-01-2023 - 17:21 | 09-07-2020 - 15:15 | |
CVE-2020-13112 | 6.4 |
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
|
27-01-2023 - 18:45 | 21-05-2020 - 16:15 | |
CVE-2020-1983 | 2.1 |
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
|
27-01-2023 - 18:40 | 22-04-2020 - 20:15 | |
CVE-2020-5313 | 5.8 |
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
|
24-01-2023 - 01:43 | 03-01-2020 - 01:15 | |
CVE-2019-9517 | 7.8 |
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so
|
19-01-2023 - 20:13 | 13-08-2019 - 21:15 | |
CVE-2019-14494 | 4.3 |
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
|
18-01-2023 - 21:19 | 01-08-2019 - 17:15 | |
CVE-2020-9925 | 4.3 |
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing malicious
|
09-01-2023 - 16:41 | 16-10-2020 - 17:15 | |
CVE-2019-20044 | 7.2 |
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload wit
|
09-01-2023 - 16:41 | 24-02-2020 - 14:15 | |
CVE-2020-13692 | 6.8 |
PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.
|
13-12-2022 - 15:02 | 04-06-2020 - 16:15 | |
CVE-2019-16167 | 4.3 |
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
|
08-12-2022 - 22:18 | 09-09-2019 - 17:15 | |
CVE-2019-20446 | 4.3 |
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows expon
|
08-12-2022 - 22:16 | 02-02-2020 - 14:15 | |
CVE-2019-19221 | 2.1 |
In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.
|
03-12-2022 - 14:24 | 21-11-2019 - 23:15 | |
CVE-2020-10737 | 3.7 |
A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to
|
03-12-2022 - 02:26 | 27-05-2020 - 01:15 | |
CVE-2020-11653 | 5.0 |
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, whi
|
29-11-2022 - 19:19 | 08-04-2020 - 23:15 | |
CVE-2020-1712 | 4.6 |
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially
|
29-11-2022 - 16:25 | 31-03-2020 - 17:15 | |
CVE-2020-14355 | 6.5 |
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious
|
21-11-2022 - 19:17 | 07-10-2020 - 15:15 | |
CVE-2020-15678 | 6.8 |
When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidat
|
16-11-2022 - 16:17 | 01-10-2020 - 19:15 | |
CVE-2020-25211 | 3.6 |
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_connt
|
16-11-2022 - 15:08 | 09-09-2020 - 16:15 | |
CVE-2020-14364 | 4.4 |
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_tok
|
16-11-2022 - 14:06 | 31-08-2020 - 18:15 | |
CVE-2020-12137 | 4.3 |
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type,
|
16-11-2022 - 03:14 | 24-04-2020 - 13:15 | |
CVE-2020-10699 | 7.2 |
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate
|
16-11-2022 - 03:11 | 15-04-2020 - 14:15 | |
CVE-2019-17026 | 6.8 |
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, an
|
16-11-2022 - 03:00 | 02-03-2020 - 05:15 | |
CVE-2020-12888 | 4.7 |
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
|
14-11-2022 - 19:44 | 15-05-2020 - 18:15 | |
CVE-2020-1730 | 5.0 |
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup th
|
08-11-2022 - 20:09 | 13-04-2020 - 19:15 | |
CVE-2020-12865 | 5.2 |
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
|
08-11-2022 - 03:26 | 24-06-2020 - 13:15 | |
CVE-2019-19126 | 2.1 |
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping ad
|
08-11-2022 - 03:16 | 19-11-2019 - 22:15 | |
CVE-2019-14818 | 5.0 |
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM me
|
07-11-2022 - 19:45 | 14-11-2019 - 17:15 | |
CVE-2020-1752 | 3.7 |
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker
|
28-10-2022 - 20:06 | 30-04-2020 - 17:15 | |
CVE-2020-2922 | 4.3 |
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with ne
|
28-10-2022 - 17:39 | 15-04-2020 - 14:15 | |
CVE-2020-14621 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenti
|
27-10-2022 - 22:58 | 15-07-2020 - 18:15 | |
CVE-2020-12825 | 5.8 |
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
|
27-10-2022 - 01:04 | 12-05-2020 - 18:15 | |
CVE-2019-9433 | 4.3 |
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVers
|
14-10-2022 - 02:09 | 27-09-2019 - 19:15 | |
CVE-2019-9213 | 4.9 |
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check
|
12-10-2022 - 15:56 | 05-03-2019 - 22:29 | |
CVE-2019-11135 | 2.1 |
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
|
07-10-2022 - 15:03 | 14-11-2019 - 19:15 | |
CVE-2019-11498 | 4.3 |
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file
|
07-10-2022 - 13:44 | 24-04-2019 - 05:29 | |
CVE-2020-9490 | 5.0 |
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via
|
07-10-2022 - 12:58 | 07-08-2020 - 16:15 | |
CVE-2020-11100 | 6.5 |
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
|
06-10-2022 - 20:51 | 02-04-2020 - 15:15 | |
CVE-2019-2842 | 4.3 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to c
|
06-10-2022 - 18:47 | 23-07-2019 - 23:15 | |
CVE-2019-2684 | 4.3 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthen
|
06-10-2022 - 17:54 | 23-04-2019 - 19:32 | |
CVE-2020-0549 | 2.1 |
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
|
05-10-2022 - 20:46 | 28-01-2020 - 01:15 | |
CVE-2020-8617 | 4.3 |
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local se
|
09-09-2022 - 17:47 | 19-05-2020 - 14:15 | |
CVE-2018-12121 | 5.0 |
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of
|
06-09-2022 - 17:54 | 28-11-2018 - 17:29 | |
CVE-2020-10726 | 2.1 |
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), whi
|
02-09-2022 - 15:34 | 20-05-2020 - 14:15 | |
CVE-2019-20892 | 4.0 |
net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream
|
02-09-2022 - 15:31 | 25-06-2020 - 10:15 | |
CVE-2019-20807 | 4.6 |
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
|
01-09-2022 - 15:14 | 28-05-2020 - 14:15 | |
CVE-2020-2814 | 4.0 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with net
|
29-08-2022 - 21:00 | 15-04-2020 - 14:15 | |
CVE-2019-3880 | 5.5 |
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation
|
29-08-2022 - 20:02 | 09-04-2019 - 16:29 | |
CVE-2019-9513 | 7.8 |
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the
|
12-08-2022 - 18:41 | 13-08-2019 - 21:15 | |
CVE-2019-9518 | 7.8 |
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONT
|
12-08-2022 - 18:40 | 13-08-2019 - 21:15 | |
CVE-2020-10531 | 6.8 |
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
|
12-08-2022 - 18:28 | 12-03-2020 - 19:15 | |
CVE-2019-2698 | 6.8 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protoc
|
12-08-2022 - 18:03 | 23-04-2019 - 19:32 | |
CVE-2019-9516 | 6.8 |
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater h
|
05-08-2022 - 14:52 | 13-08-2019 - 21:15 | |
CVE-2019-16777 | 5.5 |
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and cre
|
02-08-2022 - 20:45 | 13-12-2019 - 01:15 | |
CVE-2020-11524 | 6.0 |
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
|
30-07-2022 - 03:38 | 15-05-2020 - 17:15 | |
CVE-2019-15903 | 5.0 |
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-r
|
28-07-2022 - 11:23 | 04-09-2019 - 06:15 | |
CVE-2019-9636 | 5.0 |
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a
|
25-07-2022 - 18:15 | 08-03-2019 - 21:29 | |
CVE-2020-7595 | 5.0 |
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
|
25-07-2022 - 18:15 | 21-01-2020 - 23:15 | |
CVE-2019-0220 | 5.0 |
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions
|
25-07-2022 - 18:15 | 11-06-2019 - 21:29 | |
CVE-2020-6820 | 6.8 |
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR
|
12-07-2022 - 17:42 | 24-04-2020 - 16:15 | |
CVE-2020-1147 | 6.8 |
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execut
|
12-07-2022 - 17:42 | 14-07-2020 - 23:15 | |
CVE-2020-2830 | 5.0 |
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthe
|
30-06-2022 - 20:07 | 15-04-2020 - 14:15 | |
CVE-2019-9948 | 6.4 |
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call
|
30-06-2022 - 17:14 | 23-03-2019 - 18:29 | |
CVE-2019-5094 | 4.6 |
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition
|
27-06-2022 - 17:23 | 24-09-2019 - 22:15 | |
CVE-2019-14822 | 3.6 |
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to inter
|
07-06-2022 - 18:41 | 25-11-2019 - 12:15 | |
CVE-2020-8252 | 4.6 |
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
|
24-05-2022 - 17:16 | 18-09-2020 - 21:15 | |
CVE-2019-2999 | 4.0 |
Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mul
|
13-05-2022 - 14:57 | 16-10-2019 - 18:15 | |
CVE-2020-8174 | 9.3 |
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
|
12-05-2022 - 15:01 | 24-07-2020 - 22:15 | |
CVE-2020-15719 | 4.0 |
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openl
|
12-05-2022 - 15:01 | 14-07-2020 - 14:15 | |
CVE-2020-8277 | 5.0 |
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number
|
10-05-2022 - 15:25 | 19-11-2020 - 01:15 | |
CVE-2020-7066 | 4.3 |
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make in
|
08-05-2022 - 23:51 | 01-04-2020 - 04:15 | |
CVE-2019-19783 | 3.5 |
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a
|
03-05-2022 - 14:27 | 16-12-2019 - 14:15 | |
CVE-2019-11356 | 7.5 |
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
|
03-05-2022 - 14:27 | 03-06-2019 - 20:29 | |
CVE-2020-12410 | 9.3 |
Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T
|
03-05-2022 - 13:57 | 09-07-2020 - 15:15 | |
CVE-2020-6851 | 5.0 |
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
|
29-04-2022 - 13:24 | 13-01-2020 - 06:15 | |
CVE-2020-15780 | 7.2 |
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
|
27-04-2022 - 15:44 | 15-07-2020 - 22:15 | |
CVE-2020-13114 | 5.0 |
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
|
27-04-2022 - 14:45 | 21-05-2020 - 16:15 | |
CVE-2020-11736 | 3.3 |
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
|
27-04-2022 - 13:20 | 13-04-2020 - 19:15 | |
CVE-2020-16166 | 4.3 |
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
|
26-04-2022 - 17:06 | 30-07-2020 - 21:15 | |
CVE-2020-1934 | 5.0 |
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
|
26-04-2022 - 17:05 | 01-04-2020 - 20:15 | |
CVE-2020-8698 | 2.1 |
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
|
26-04-2022 - 16:33 | 12-11-2020 - 18:15 | |
CVE-2020-0452 | 7.5 |
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution pri
|
26-04-2022 - 16:31 | 10-11-2020 - 13:15 | |
CVE-2019-18934 | 6.8 |
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ips
|
22-04-2022 - 19:57 | 19-11-2019 - 18:15 | |
CVE-2019-0155 | 7.2 |
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G390
|
22-04-2022 - 19:57 | 14-11-2019 - 19:15 | |
CVE-2019-17185 | 5.0 |
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are in
|
22-04-2022 - 19:04 | 21-03-2020 - 01:15 | |
CVE-2020-0556 | 5.8 |
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
|
22-04-2022 - 19:02 | 12-03-2020 - 21:15 | |
CVE-2020-10711 | 4.3 |
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the
|
22-04-2022 - 18:53 | 22-05-2020 - 15:15 | |
CVE-2019-1551 | 5.0 |
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this d
|
19-04-2022 - 15:36 | 06-12-2019 - 18:15 | |
CVE-2019-9503 | 7.9 |
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will c
|
18-04-2022 - 18:09 | 16-01-2020 - 21:15 | |
CVE-2018-20843 | 7.8 |
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
|
18-04-2022 - 17:17 | 24-06-2019 - 17:15 | |
CVE-2019-14287 | 9.0 |
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r
|
18-04-2022 - 15:45 | 17-10-2019 - 18:15 | |
CVE-2020-6814 | 7.5 |
Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This
|
18-04-2022 - 15:15 | 25-03-2020 - 22:15 | |
CVE-2019-15166 | 5.0 |
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
|
13-04-2022 - 14:48 | 03-10-2019 - 17:15 | |
CVE-2019-19906 | 5.0 |
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c
|
12-04-2022 - 18:41 | 19-12-2019 - 18:15 | |
CVE-2019-1010238 | 7.5 |
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condit
|
12-04-2022 - 16:51 | 19-07-2019 - 17:15 | |
CVE-2019-17012 | 6.8 |
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T
|
08-04-2022 - 14:33 | 08-01-2020 - 22:15 | |
CVE-2019-15165 | 5.0 |
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
|
08-04-2022 - 13:27 | 03-10-2019 - 19:15 | |
CVE-2020-26950 | 9.3 |
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.
|
08-04-2022 - 11:28 | 09-12-2020 - 01:15 | |
CVE-2020-9327 | 5.0 |
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
|
08-04-2022 - 10:33 | 21-02-2020 - 22:15 | |
CVE-2019-20372 | 4.3 |
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
|
06-04-2022 - 16:10 | 09-01-2020 - 21:15 | |
CVE-2019-9640 | 5.0 |
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
|
05-04-2022 - 20:48 | 09-03-2019 - 00:29 | |
CVE-2017-18922 | 7.5 |
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overf
|
01-04-2022 - 18:08 | 30-06-2020 - 11:15 | |
CVE-2019-13734 | 6.8 |
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
29-03-2022 - 19:37 | 10-12-2019 - 22:15 | |
CVE-2019-20788 | 7.5 |
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
|
10-03-2022 - 14:54 | 23-04-2020 - 19:15 | |
CVE-2019-15718 | 3.6 |
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivile
|
20-02-2022 - 06:15 | 04-09-2019 - 12:15 | |
CVE-2019-6454 | 4.9 |
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl
|
20-02-2022 - 06:08 | 21-03-2019 - 16:01 | |
CVE-2019-3844 | 4.6 |
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker
|
31-01-2022 - 18:52 | 26-04-2019 - 21:29 | |
CVE-2019-20386 | 2.1 |
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
|
28-01-2022 - 21:27 | 21-01-2020 - 06:15 | |
CVE-2020-12402 | 1.2 |
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re
|
04-01-2022 - 16:38 | 09-07-2020 - 15:15 | |
CVE-2019-18609 | 7.5 |
An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header
|
01-01-2022 - 20:06 | 01-12-2019 - 22:15 | |
CVE-2019-13456 | 2.9 |
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the pa
|
01-01-2022 - 20:06 | 03-12-2019 - 20:15 | |
CVE-2020-8632 | 2.1 |
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
|
01-01-2022 - 20:03 | 05-02-2020 - 14:15 | |
CVE-2020-6800 | 6.8 |
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to
|
01-01-2022 - 19:35 | 02-03-2020 - 05:15 | |
CVE-2020-14382 | 6.8 |
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in fil
|
01-01-2022 - 18:39 | 16-09-2020 - 15:15 | |
CVE-2019-14563 | 4.6 |
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
|
01-01-2022 - 18:11 | 23-11-2020 - 17:15 | |
CVE-2019-14559 | 5.0 |
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
|
01-01-2022 - 18:10 | 23-11-2020 - 16:15 | |
CVE-2020-2930 | 3.5 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple prot
|
30-12-2021 - 22:15 | 15-04-2020 - 14:15 | |
CVE-2020-5208 | 6.5 |
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especial
|
30-12-2021 - 21:13 | 05-02-2020 - 14:15 | |
CVE-2020-8649 | 3.6 |
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
|
30-12-2021 - 20:44 | 06-02-2020 - 01:15 | |
CVE-2019-17042 | 7.5 |
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account fo
|
06-12-2021 - 18:12 | 07-10-2019 - 16:15 | |
CVE-2020-2659 | 4.3 |
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated at
|
06-12-2021 - 15:07 | 15-01-2020 - 17:15 | |
CVE-2019-8822 | 6.8 |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing malici
|
01-12-2021 - 17:44 | 18-12-2019 - 18:15 | |
CVE-2019-8768 | 5.0 |
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items.
|
01-12-2021 - 16:47 | 18-12-2019 - 18:15 | |
CVE-2018-10393 | 5.0 |
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
|
30-11-2021 - 21:59 | 26-04-2018 - 05:29 | |
CVE-2019-7665 | 4.3 |
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does n
|
30-11-2021 - 19:53 | 09-02-2019 - 16:29 | |
CVE-2019-7548 | 6.8 |
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
|
30-11-2021 - 19:52 | 06-02-2019 - 21:29 | |
CVE-2019-17596 | 5.0 |
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
|
30-11-2021 - 19:42 | 24-10-2019 - 22:15 | |
CVE-2019-1010305 | 4.3 |
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm
|
30-11-2021 - 18:50 | 15-07-2019 - 15:15 | |
CVE-2019-5482 | 7.5 |
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
|
03-11-2021 - 19:34 | 16-09-2019 - 19:15 | |
CVE-2020-10754 | 4.0 |
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happe
|
02-11-2021 - 17:12 | 08-06-2020 - 18:15 | |
CVE-2020-12268 | 7.5 |
jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.
|
02-11-2021 - 14:25 | 27-04-2020 - 02:15 | |
CVE-2019-10193 | 6.5 |
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perfo
|
28-10-2021 - 12:14 | 11-07-2019 - 19:15 | |
CVE-2020-15707 | 4.4 |
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffe
|
13-09-2021 - 14:25 | 29-07-2020 - 18:15 | |
CVE-2020-13962 | 5.0 |
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session
|
11-08-2021 - 14:29 | 09-06-2020 - 00:15 | |
CVE-2019-8457 | 7.5 |
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
|
31-07-2021 - 08:15 | 30-05-2019 - 16:29 | |
CVE-2019-1543 | 5.8 |
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 b
|
31-07-2021 - 08:15 | 06-03-2019 - 21:29 | |
CVE-2019-1563 | 4.3 |
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decryp
|
31-07-2021 - 08:15 | 10-09-2019 - 17:15 | |
CVE-2020-16044 | 6.8 |
Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.
|
21-07-2021 - 11:39 | 09-02-2021 - 14:15 | |
CVE-2020-12321 | 5.8 |
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
|
21-07-2021 - 11:39 | 12-11-2020 - 18:15 | |
CVE-2020-15969 | 6.8 |
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
21-07-2021 - 11:39 | 03-11-2020 - 03:15 | |
CVE-2020-3898 | 4.6 |
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.
|
21-07-2021 - 11:39 | 22-10-2020 - 18:15 | |
CVE-2020-15646 | 4.3 |
If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a s
|
21-07-2021 - 11:39 | 08-10-2020 - 14:15 | |
CVE-2020-6825 | 7.5 |
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of t
|
21-07-2021 - 11:39 | 24-04-2020 - 16:15 | |
CVE-2020-6831 | 7.5 |
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
|
21-07-2021 - 11:39 | 26-05-2020 - 18:15 | |
CVE-2020-6514 | 4.3 |
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
|
21-07-2021 - 11:39 | 22-07-2020 - 17:15 | |
CVE-2020-8450 | 7.5 |
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
|
21-07-2021 - 11:39 | 04-02-2020 - 20:15 | |
CVE-2019-6471 | 4.3 |
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the
|
21-07-2021 - 11:39 | 09-10-2019 - 16:15 | |
CVE-2019-13627 | 2.6 |
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
|
21-07-2021 - 11:39 | 25-09-2019 - 15:15 | |
CVE-2020-1161 | 5.0 |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
|
21-07-2021 - 11:39 | 21-05-2020 - 23:15 | |
CVE-2019-1010180 | 6.8 |
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging.
|
21-07-2021 - 11:39 | 24-07-2019 - 13:15 | |
CVE-2020-11501 | 5.8 |
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes
|
21-07-2021 - 11:39 | 03-04-2020 - 13:15 | |
CVE-2019-0203 | 5.0 |
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
|
21-07-2021 - 11:39 | 26-09-2019 - 16:15 | |
CVE-2020-0603 | 9.3 |
A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.N
|
21-07-2021 - 11:39 | 14-01-2020 - 23:15 | |
CVE-2019-12779 | 6.6 |
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.
|
03-07-2021 - 05:15 | 07-06-2019 - 20:29 | |
CVE-2019-13050 | 5.0 |
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this n
|
29-06-2021 - 15:15 | 29-06-2019 - 17:15 | |
CVE-2019-0215 | 6.0 |
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
|
06-06-2021 - 11:15 | 08-04-2019 - 20:29 | |
CVE-2020-1721 | 4.3 |
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could
|
10-05-2021 - 20:16 | 30-04-2021 - 12:15 | |
CVE-2020-1763 | 5.0 |
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The
|
05-05-2021 - 13:41 | 12-05-2020 - 14:15 | |
CVE-2020-8112 | 6.8 |
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
|
02-04-2021 - 12:15 | 28-01-2020 - 18:15 | |
CVE-2020-25687 | 7.1 |
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to
|
26-03-2021 - 18:40 | 20-01-2021 - 17:15 | |
CVE-2019-9741 | 4.3 |
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
|
22-03-2021 - 13:05 | 13-03-2019 - 08:29 | |
CVE-2020-5260 | 5.0 |
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from se
|
19-03-2021 - 18:21 | 14-04-2020 - 23:15 | |
CVE-2020-11945 | 7.5 |
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a s
|
17-03-2021 - 12:40 | 23-04-2020 - 15:15 | |
CVE-2019-3823 | 5.0 |
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed n
|
09-03-2021 - 15:15 | 06-02-2019 - 20:29 | |
CVE-2018-12900 | 6.8 |
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8
|
05-03-2021 - 19:15 | 26-06-2018 - 22:29 | |
CVE-2020-2601 | 4.3 |
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unau
|
04-03-2021 - 20:49 | 15-01-2020 - 17:15 | |
CVE-2020-25690 | 6.8 |
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash
|
01-03-2021 - 21:19 | 23-02-2021 - 04:15 | |
CVE-2020-14803 | 5.0 |
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocol
|
24-02-2021 - 21:42 | 21-10-2020 - 15:15 | |
CVE-2019-11745 | 6.8 |
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerabilit
|
19-02-2021 - 17:22 | 08-01-2020 - 20:15 | |
CVE-2019-17007 | 5.0 |
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
|
19-02-2021 - 16:58 | 22-10-2020 - 21:15 | |
CVE-2020-12663 | 5.0 |
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
|
17-02-2021 - 20:58 | 19-05-2020 - 14:15 | |
CVE-2020-8608 | 6.8 |
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
|
14-02-2021 - 03:50 | 06-02-2020 - 17:15 | |
CVE-2020-7039 | 6.8 |
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute
|
14-02-2021 - 03:50 | 16-01-2020 - 23:15 | |
CVE-2020-13379 | 6.4 |
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can b
|
29-01-2021 - 16:41 | 03-06-2020 - 19:15 | |
CVE-2020-35113 | 6.8 |
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T
|
12-01-2021 - 19:15 | 07-01-2021 - 14:15 | |
CVE-2020-25696 | 7.6 |
A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attac
|
15-12-2020 - 19:37 | 23-11-2020 - 22:15 | |
CVE-2020-26970 | 9.3 |
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploita
|
10-12-2020 - 18:52 | 09-12-2020 - 01:15 | |
CVE-2020-26968 | 9.3 |
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T
|
10-12-2020 - 16:19 | 09-12-2020 - 01:15 | |
CVE-2020-14040 | 5.0 |
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 deco
|
18-11-2020 - 14:44 | 17-06-2020 - 20:15 | |
CVE-2020-14352 | 8.5 |
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the
|
09-11-2020 - 14:28 | 30-08-2020 - 15:15 | |
CVE-2019-8696 | 6.5 |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execu
|
30-10-2020 - 02:22 | 27-10-2020 - 20:15 | |
CVE-2018-19662 | 5.8 |
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
|
29-10-2020 - 19:15 | 29-11-2018 - 08:29 | |
CVE-2019-6477 | 5.0 |
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resourc
|
20-10-2020 - 12:15 | 26-11-2019 - 16:15 | |
CVE-2019-19339 | 4.9 |
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local ca
|
19-10-2020 - 19:52 | 17-01-2020 - 19:15 | |
CVE-2019-3827 | 3.3 |
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can
|
19-10-2020 - 18:06 | 25-03-2019 - 18:29 | |
CVE-2019-15695 | 6.5 |
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from
|
16-10-2020 - 20:00 | 26-12-2019 - 16:15 | |
CVE-2019-14817 | 6.8 |
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could dis
|
16-10-2020 - 13:21 | 03-09-2019 - 16:15 | |
CVE-2019-3839 | 6.8 |
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside o
|
15-10-2020 - 14:31 | 16-05-2019 - 19:29 | |
CVE-2019-10168 | 4.6 |
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will ex
|
15-10-2020 - 13:28 | 02-08-2019 - 13:15 | |
CVE-2020-10967 | 5.0 |
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
|
13-10-2020 - 22:15 | 18-05-2020 - 15:15 | |
CVE-2019-14869 | 6.8 |
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating
|
09-10-2020 - 13:12 | 15-11-2019 - 12:15 | |
CVE-2019-15043 | 5.0 |
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
|
04-10-2020 - 18:15 | 03-09-2019 - 12:15 | |
CVE-2020-15669 | 6.8 |
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vu
|
02-10-2020 - 19:02 | 01-10-2020 - 19:15 | |
CVE-2019-10164 | 9.0 |
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often su
|
02-10-2020 - 14:34 | 26-06-2019 - 16:15 | |
CVE-2020-15811 | 4.0 |
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser s
|
30-09-2020 - 22:15 | 02-09-2020 - 17:15 | |
CVE-2020-8252 | 7.5 |
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
|
30-09-2020 - 20:15 | 18-09-2020 - 21:15 | |
CVE-2019-10216 | 6.8 |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul
|
30-09-2020 - 18:17 | 27-11-2019 - 13:15 | |
CVE-2019-10216 | 6.8 |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul
|
30-09-2020 - 18:17 | 27-11-2019 - 13:15 | |
CVE-2020-13962 | 5.0 |
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session
|
30-09-2020 - 18:15 | 09-06-2020 - 00:15 | |
CVE-2020-14364 | 4.4 |
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_tok
|
30-09-2020 - 18:15 | 31-08-2020 - 18:15 | |
CVE-2019-11745 | 6.8 |
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerabilit
|
30-09-2020 - 18:15 | 08-01-2020 - 20:15 | |
CVE-2020-12402 | 1.2 |
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re
|
30-09-2020 - 18:15 | 09-07-2020 - 15:15 | |
CVE-2020-10663 | 5.0 |
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavi
|
30-09-2020 - 18:15 | 28-04-2020 - 21:15 | |
CVE-2019-10143 | 6.9 |
** DISPUTED ** It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate int
|
30-09-2020 - 14:22 | 24-05-2019 - 17:29 | |
CVE-2020-16166 | 4.3 |
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
|
28-09-2020 - 16:15 | 30-07-2020 - 21:15 | |
CVE-2020-12888 | 4.7 |
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
|
28-09-2020 - 16:15 | 15-05-2020 - 18:15 | |
CVE-2020-14386 | 7.2 |
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
|
28-09-2020 - 16:15 | 16-09-2020 - 13:15 | |
CVE-2020-1726 | 5.8 |
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with a
|
28-09-2020 - 15:15 | 11-02-2020 - 20:15 | |
CVE-2019-14973 | 4.3 |
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application cras
|
28-09-2020 - 15:15 | 14-08-2019 - 06:15 | |
CVE-2018-19873 | 7.5 |
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
|
28-09-2020 - 09:15 | 26-12-2018 - 21:29 | |
CVE-2018-19872 | 4.3 |
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
|
28-09-2020 - 09:15 | 21-03-2019 - 16:00 | |
CVE-2018-19872 | 4.3 |
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
|
28-09-2020 - 09:15 | 21-03-2019 - 16:00 | |
CVE-2018-19873 | 7.5 |
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
|
28-09-2020 - 09:15 | 26-12-2018 - 21:29 | |
CVE-2020-24659 | 5.0 |
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the app
|
25-09-2020 - 20:15 | 04-09-2020 - 15:15 | |
CVE-2020-14382 | 6.8 |
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in fil
|
25-09-2020 - 20:15 | 16-09-2020 - 15:15 | |
CVE-2020-1597 | 5.0 |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
|
25-09-2020 - 20:15 | 17-08-2020 - 19:15 | |
CVE-2020-12674 | 5.0 |
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
|
25-09-2020 - 19:15 | 12-08-2020 - 16:15 | |
CVE-2020-10967 | 5.0 |
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
|
25-09-2020 - 19:15 | 18-05-2020 - 15:15 | |
CVE-2020-16845 | 5.0 |
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
|
24-09-2020 - 12:15 | 06-08-2020 - 18:15 | |
CVE-2020-10768 | 2.1 |
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens th
|
22-09-2020 - 19:10 | 16-09-2020 - 00:15 | |
CVE-2019-15847 | 5.0 |
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operati
|
17-09-2020 - 13:38 | 02-09-2019 - 23:15 | |
CVE-2017-18640 | 5.0 |
The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
|
16-09-2020 - 10:15 | 12-12-2019 - 03:15 | |
CVE-2020-10720 | 4.9 |
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
|
10-09-2020 - 14:46 | 03-09-2020 - 18:15 | |
CVE-2018-18751 | 7.5 |
An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.
|
08-09-2020 - 18:15 | 29-10-2018 - 12:29 | |
CVE-2019-9824 | 2.1 |
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
|
24-08-2020 - 17:37 | 03-06-2019 - 21:29 | |
CVE-2019-9143 | 6.8 |
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly h
|
24-08-2020 - 17:37 | 25-02-2019 - 15:29 | |
CVE-2019-9813 | 6.8 |
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
|
24-08-2020 - 17:37 | 26-04-2019 - 17:29 | |
CVE-2019-9854 | 6.8 |
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Script
|
24-08-2020 - 17:37 | 06-09-2019 - 19:15 | |
CVE-2019-18197 | 5.1 |
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be
|
24-08-2020 - 17:37 | 18-10-2019 - 21:15 | |
CVE-2018-19519 | 4.3 |
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
|
24-08-2020 - 17:37 | 25-11-2018 - 20:29 | |
CVE-2019-17546 | 6.8 |
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
|
24-08-2020 - 17:37 | 14-10-2019 - 02:15 | |
CVE-2019-9893 | 7.5 |
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
|
24-08-2020 - 17:37 | 21-03-2019 - 16:01 | |
CVE-2019-5953 | 7.5 |
Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.
|
24-08-2020 - 17:37 | 17-05-2019 - 16:29 | |
CVE-2019-8324 | 6.8 |
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadabl
|
24-08-2020 - 17:37 | 17-06-2019 - 19:15 | |
CVE-2019-2821 | 2.6 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to comp
|
24-08-2020 - 17:37 | 23-07-2019 - 23:15 | |
CVE-2019-14809 | 7.5 |
net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is relate
|
24-08-2020 - 17:37 | 13-08-2019 - 21:15 | |
CVE-2019-12749 | 3.6 |
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference
|
24-08-2020 - 17:37 | 11-06-2019 - 17:29 | |
CVE-2019-14378 | 6.5 |
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
|
24-08-2020 - 17:37 | 29-07-2019 - 11:15 | |
CVE-2019-1301 | 5.0 |
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.
|
24-08-2020 - 17:37 | 11-09-2019 - 22:15 | |
CVE-2019-12312 | 5.0 |
In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. An attacker can trigger a NULL pointer dereference by initiating an IKEv2 IKE_SA_INIT exchange, followed by a bogus INFORMATIONAL exchange instead of the normallly expecte
|
24-08-2020 - 17:37 | 24-05-2019 - 14:29 | |
CVE-2019-11091 | 4.7 |
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
|
24-08-2020 - 17:37 | 30-05-2019 - 16:29 | |
CVE-2018-12085 | 6.8 |
Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
|
24-08-2020 - 17:37 | 09-06-2018 - 11:29 | |
CVE-2019-0117 | 2.1 |
Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families
|
24-08-2020 - 17:37 | 14-11-2019 - 20:15 | |
CVE-2019-0804 | 4.0 |
An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.
|
24-08-2020 - 17:37 | 09-04-2019 - 03:29 | |
CVE-2019-1000020 | 4.3 |
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, rea
|
24-08-2020 - 17:37 | 04-02-2019 - 21:29 | |
CVE-2019-8325 | 5.0 |
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
|
19-08-2020 - 19:01 | 17-06-2019 - 19:15 | |
CVE-2020-11078 | 4.3 |
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httpli
|
19-08-2020 - 18:56 | 20-05-2020 - 16:15 | |
CVE-2020-1720 | 3.5 |
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et
|
17-08-2020 - 19:15 | 17-03-2020 - 16:15 | |
CVE-2020-14928 | 4.3 |
evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."
|
14-08-2020 - 15:25 | 17-07-2020 - 16:15 | |
CVE-2020-14019 | 4.6 |
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.
|
07-08-2020 - 12:15 | 19-06-2020 - 11:15 | |
CVE-2018-14498 | 4.3 |
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is o
|
31-07-2020 - 21:15 | 07-03-2019 - 23:29 | |
CVE-2019-19338 | 2.1 |
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a hos
|
21-07-2020 - 17:17 | 13-07-2020 - 17:15 | |
CVE-2019-13345 | 4.3 |
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
|
11-07-2020 - 00:15 | 05-07-2019 - 16:15 | |
CVE-2020-5312 | 7.5 |
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
|
10-07-2020 - 17:09 | 03-01-2020 - 01:15 | |
CVE-2019-13232 | 2.1 |
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
|
16-06-2020 - 18:25 | 04-07-2019 - 13:15 | |
CVE-2020-12657 | 4.6 |
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
|
13-06-2020 - 09:15 | 05-05-2020 - 07:15 | |
CVE-2020-2732 | 2.3 |
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that shou
|
10-06-2020 - 20:15 | 08-04-2020 - 22:15 | |
CVE-2020-10957 | 5.0 |
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.
|
28-05-2020 - 04:15 | 18-05-2020 - 14:15 | |
CVE-2019-20792 | 4.6 |
OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
|
26-05-2020 - 16:51 | 29-04-2020 - 04:15 | |
CVE-2019-11596 | 5.0 |
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
|
26-05-2020 - 16:15 | 29-04-2019 - 15:29 | |
CVE-2020-11008 | 5.0 |
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open fo
|
22-05-2020 - 19:15 | 21-04-2020 - 19:15 | |
CVE-2019-19330 | 7.5 |
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
|
01-04-2020 - 21:15 | 27-11-2019 - 16:15 | |
CVE-2020-10696 | 9.3 |
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user
|
01-04-2020 - 13:18 | 31-03-2020 - 22:15 | |
CVE-2019-3696 | 4.4 |
A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module f
|
24-03-2020 - 14:00 | 03-03-2020 - 11:15 | |
CVE-2019-18634 | 4.6 |
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upst
|
07-02-2020 - 17:15 | 29-01-2020 - 18:15 | |
CVE-2019-14867 | 6.8 |
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data.
|
05-02-2020 - 00:15 | 27-11-2019 - 09:15 | |
CVE-2020-1931 | 9.3 |
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit t
|
02-02-2020 - 04:15 | 30-01-2020 - 18:15 | |
CVE-2020-7053 | 4.6 |
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is relate
|
30-01-2020 - 16:15 | 14-01-2020 - 21:15 | |
CVE-2020-2655 | 5.8 |
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to comprom
|
28-01-2020 - 13:15 | 15-01-2020 - 17:15 | |
CVE-2019-19334 | 7.5 |
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this fl
|
18-12-2019 - 18:15 | 06-12-2019 - 16:15 | |
CVE-2018-5743 | 4.3 |
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the co
|
18-12-2019 - 18:15 | 09-10-2019 - 16:15 | |
CVE-2019-18397 | 6.8 |
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user
|
18-12-2019 - 04:15 | 13-11-2019 - 14:15 | |
CVE-2019-13225 | 4.3 |
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for P
|
16-12-2019 - 20:23 | 10-07-2019 - 14:15 | |
CVE-2019-6465 | 4.3 |
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9
|
16-12-2019 - 16:57 | 09-10-2019 - 16:15 | |
CVE-2019-6470 | 5.0 |
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function
|
06-11-2019 - 21:52 | 01-11-2019 - 23:15 | |
CVE-2018-20657 | 5.0 |
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-201
|
06-11-2019 - 01:15 | 02-01-2019 - 14:29 | |
CVE-2019-18408 | 5.0 |
archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.
|
01-11-2019 - 11:15 | 24-10-2019 - 14:15 | |
CVE-2019-3817 | 6.8 |
A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious cod
|
09-10-2019 - 23:49 | 27-03-2019 - 13:29 | |
CVE-2019-3890 | 5.8 |
It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the diffe
|
09-10-2019 - 23:49 | 01-08-2019 - 14:15 | |
CVE-2019-3825 | 6.9 |
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to
|
09-10-2019 - 23:49 | 06-02-2019 - 20:29 | |
CVE-2019-11752 | 9.3 |
It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.
|
04-10-2019 - 18:15 | 27-09-2019 - 18:15 | |
CVE-2018-9251 | 2.6 |
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnera
|
03-10-2019 - 00:03 | 04-04-2018 - 02:29 | |
CVE-2018-12180 | 6.8 |
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
|
03-10-2019 - 00:03 | 27-03-2019 - 20:29 | |
CVE-2018-11782 | 4.0 |
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
|
27-09-2019 - 15:33 | 26-09-2019 - 16:15 | |
CVE-2019-11500 | 7.5 |
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
|
06-09-2019 - 15:15 | 29-08-2019 - 14:15 | |
CVE-2019-13638 | 9.3 |
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable sy
|
16-08-2019 - 12:15 | 26-07-2019 - 13:15 | |
CVE-2016-10739 | 4.6 |
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume tha
|
06-08-2019 - 17:15 | 21-01-2019 - 19:29 | |
CVE-2019-9820 | 7.5 |
A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
|
26-07-2019 - 16:15 | 23-07-2019 - 14:15 | |
CVE-2019-13636 | 5.8 |
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
|
24-07-2019 - 17:15 | 17-07-2019 - 21:15 | |
CVE-2019-13045 | 6.8 |
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.
|
03-07-2019 - 15:15 | 29-06-2019 - 14:15 | |
CVE-2019-3814 | 4.9 |
It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
|
14-06-2019 - 03:29 | 27-03-2019 - 13:29 | |
CVE-2019-12735 | 9.3 |
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
|
13-06-2019 - 21:29 | 05-06-2019 - 14:29 | |
CVE-2018-15587 | 4.3 |
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.
|
10-06-2019 - 07:29 | 11-02-2019 - 17:29 | |
CVE-2019-3836 | 5.0 |
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
|
30-05-2019 - 16:29 | 01-04-2019 - 15:29 | |
CVE-2019-0981 | 5.0 |
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.
|
22-05-2019 - 13:29 | 16-05-2019 - 19:29 | |
CVE-2019-3863 | 6.8 |
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bound
|
14-05-2019 - 21:29 | 25-03-2019 - 18:29 | |
CVE-2019-11235 | 7.5 |
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar is
|
13-05-2019 - 18:29 | 22-04-2019 - 11:29 | |
CVE-2019-10063 | 6.8 |
Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could other
|
13-05-2019 - 10:29 | 26-03-2019 - 14:29 | |
CVE-2019-3878 | 6.8 |
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers tha
|
07-05-2019 - 09:29 | 26-03-2019 - 18:29 | |
CVE-2019-3877 | 4.3 |
A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forw
|
16-04-2019 - 18:29 | 27-03-2019 - 13:29 | |
CVE-2018-8037 | 4.3 |
If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present
|
15-04-2019 - 16:31 | 02-08-2018 - 14:29 | |
CVE-2019-6978 | 7.5 |
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
|
05-04-2019 - 00:29 | 28-01-2019 - 08:29 | |
CVE-2018-17828 | 5.8 |
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
|
28-11-2018 - 15:00 | 01-10-2018 - 08:29 | |
CVE-2018-7263 | 6.8 |
The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: thi
|
19-03-2018 - 18:34 | 20-02-2018 - 21:29 |