GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in...
6.5CVSS
8.6AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.002EPSS
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in...
8.1CVSS
8.7AI Score
0.002EPSS
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by...
6.5CVSS
8.6AI Score
0.001EPSS
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in...
8.1CVSS
8.7AI Score
0.002EPSS
8.1CVSS
8.7AI Score
0.002EPSS
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker...
4.3CVSS
4.6AI Score
0.003EPSS
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in...
6.5CVSS
9AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in...
8.8CVSS
9.1AI Score
0.003EPSS
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in...
8.8CVSS
8.7AI Score
0.003EPSS
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in...
6.5CVSS
9AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in...
6.5CVSS
9AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in...
8.8CVSS
9AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in...
6.5CVSS
9AI Score
0.001EPSS
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP...
7.5CVSS
7.8AI Score
0.011EPSS
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect...
7.5CVSS
7.8AI Score
0.011EPSS
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for...
7.5CVSS
8AI Score
0.014EPSS
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.6AI Score
0.001EPSS
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are...
7.5CVSS
7.8AI Score
0.011EPSS
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger...
7.8CVSS
7.7AI Score
0.001EPSS
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer...
9.8CVSS
9.4AI Score
0.005EPSS
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is...
9.8CVSS
9.3AI Score
0.011EPSS
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM...
9.8CVSS
9.2AI Score
0.006EPSS
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown....
7.5CVSS
7.5AI Score
0.003EPSS
7.5CVSS
7.3AI Score
0.005EPSS
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop....
7.8CVSS
7.6AI Score
0.003EPSS
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...
8.8CVSS
8.8AI Score
0.002EPSS
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this...
8.8CVSS
8.6AI Score
0.004EPSS
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this...
8.8CVSS
8.6AI Score
0.004EPSS
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...
8.8CVSS
8.8AI Score
0.003EPSS
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band...
7.1CVSS
7.8AI Score
0.001EPSS
5.5CVSS
5.6AI Score
0.001EPSS
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and...
9.8CVSS
9.3AI Score
0.009EPSS
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in...
8.1CVSS
8.3AI Score
0.003EPSS
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4...
7.8CVSS
8.9AI Score
0.007EPSS
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this...
8.8CVSS
8.7AI Score
0.003EPSS
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...
8.8CVSS
8.7AI Score
0.005EPSS
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at...
6.5CVSS
7.1AI Score
0.004EPSS
In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in...
7.4CVSS
7AI Score
0.004EPSS
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to...
8.8CVSS
8.9AI Score
0.003EPSS
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to...
8.8CVSS
8.9AI Score
0.004EPSS
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and...
6.5CVSS
6.9AI Score
0.006EPSS
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native...
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...
8.8CVSS
7.7AI Score
0.009EPSS
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image...
8.1CVSS
8.3AI Score
0.012EPSS
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the...
4.3CVSS
5.4AI Score
0.003EPSS
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the...
7.8CVSS
7.9AI Score
0.0004EPSS
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y...
7.5CVSS
9.3AI Score
0.003EPSS
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at...
7.5CVSS
9AI Score
0.114EPSS