Total
12304 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13217 | 2 Debian, Stb Vorbis Project | 2 Debian Linux, Stb Vorbis | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | |||||
| CVE-2019-13207 | 1 Nlnetlabs | 1 Name Server Daemon | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c. | |||||
| CVE-2019-13193 | 1 Brother | 600 Ads-2400n, Ads-2400n Firmware, Ads-2800w and 597 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device. | |||||
| CVE-2019-13192 | 1 Brother | 600 Ads-2400n, Ads-2400n Firmware, Ads-2800w and 597 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly. This would allow an attacker to execute arbitrary code on the device. | |||||
| CVE-2019-13171 | 1 Xerox | 2 Phaser 3320, Phaser 3320 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly. | |||||
| CVE-2019-13156 | 1 Naver | 1 Cloud Explorer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle. | |||||
| CVE-2019-13132 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations. | |||||
| CVE-2019-13106 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-11-21 | 8.3 HIGH | 7.8 HIGH |
| Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | |||||
| CVE-2019-13104 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. | |||||
| CVE-2019-13085 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000030ecfa. | |||||
| CVE-2019-13084 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000026b739. | |||||
| CVE-2019-13083 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000384e2a. | |||||
| CVE-2019-12951 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mongoose before 6.15. The parse_mqtt() function in mg_mqtt.c has a critical heap-based buffer overflow. | |||||
| CVE-2019-12937 | 1 Toaruos Project | 1 Toaruos | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable. | |||||
| CVE-2019-12899 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at ntdll!RtlQueueWorkItem+0x00000000000005e3. | |||||
| CVE-2019-12898 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e. | |||||
| CVE-2019-12896 | 1 Edrawsoft | 1 Edraw Max | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a77. | |||||
| CVE-2019-12895 | 1 Alternate-tools | 1 Alternate Pic View | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d. | |||||
| CVE-2019-12893 | 1 Alternate-tools | 1 Alternate Pic View | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewer!PerfgrapFinalize+0x00000000000a8868. | |||||
| CVE-2019-12835 | 1 Leanify Project | 1 Leanify | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping. | |||||