Total
12745 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9209 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values. | |||||
| CVE-2019-9200 | 3 Canonical, Debian, Freedesktop | 3 Ubuntu Linux, Debian Linux, Poppler | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2019-9183 | 2 Contiki-ng, Contiki-os | 2 Contiki-ng, Contiki | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in accesses of unmapped memory, crashing the application. An attacker can cause a denial-of-service via a crafted 6LoWPAN frame. | |||||
| CVE-2019-9162 | 3 Canonical, Linux, Netapp | 7 Ubuntu Linux, Linux Kernel, Cn1610 and 4 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper. | |||||
| CVE-2019-9136 | 1 Datools | 1 Daviewindy | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed JPEG2000 format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | |||||
| CVE-2019-9135 | 1 Datools | 1 Daviewindy | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed DIB format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | |||||
| CVE-2019-9134 | 1 Solideos | 1 Architectural Information System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code. | |||||
| CVE-2019-9125 | 2 D-link, Dlink | 2 Dir-878 Firmware, Dir-878 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header. | |||||
| CVE-2019-9114 | 1 Libming | 1 Ming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a. | |||||
| CVE-2019-9077 | 4 Canonical, F5, Gnu and 1 more | 4 Ubuntu Linux, Traffix Signaling Delivery Controller, Binutils and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. | |||||
| CVE-2019-9075 | 4 Canonical, F5, Gnu and 1 more | 18 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 15 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. | |||||
| CVE-2019-9036 | 1 Matio Project | 1 Matio | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function ReadNextFunctionHandle() in mat5.c. | |||||
| CVE-2019-9032 | 1 Matio Project | 1 Matio | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds write problem causing a SEGV in the function Mat_VarFree() in mat.c. | |||||
| CVE-2019-9027 | 1 Matio Project | 1 Matio | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow problem in the function ReadNextCell() in mat5.c. | |||||
| CVE-2019-9026 | 1 Matio Project | 1 Matio | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function InflateVarName() in inflate.c when called from ReadNextCell in mat5.c. | |||||
| CVE-2019-9025 | 2 Netapp, Php | 2 Storage Automation Store, Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data. | |||||
| CVE-2019-9017 | 1 Solarwinds | 1 Dameware Mini Remote Control | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. | |||||
| CVE-2019-8985 | 1 Netis-systems | 4 Wf2411, Wf2411 Firmware, Wf2880 and 1 more | 2024-11-21 | 9.0 HIGH | 9.8 CRITICAL |
| On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa. | |||||
| CVE-2019-8981 | 1 Axtls Project | 1 Axtls | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the need_bytes value is mismanaged. | |||||
| CVE-2019-8956 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory. | |||||