HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return...
7.5CVSS
7.3AI Score
0.003EPSS
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return...
7.5CVSS
7.3AI Score
0.012EPSS
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer...
9.8CVSS
8.9AI Score
0.012EPSS
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating...
5.3CVSS
6.1AI Score
0.005EPSS
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds...
7.5CVSS
8.4AI Score
0.005EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()...
7.5CVSS
8.5AI Score
0.003EPSS
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than...
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags...
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and...
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in...
7CVSS
8.3AI Score
0.002EPSS
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and...
7.5CVSS
8.5AI Score
0.003EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()...
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()...
7.5CVSS
8.5AI Score
0.003EPSS
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT...
7.5CVSS
7.2AI Score
0.007EPSS
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard...
7.5CVSS
7.3AI Score
0.001EPSS
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka...
3.3CVSS
6.4AI Score
0.0005EPSS
7.5CVSS
7.5AI Score
0.01EPSS
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka...
7.5CVSS
6.9AI Score
0.007EPSS
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka...
4.7CVSS
5.2AI Score
0.001EPSS
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...
6.5CVSS
6.1AI Score
0.008EPSS
In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...
6.5CVSS
6.8AI Score
0.009EPSS
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android...
8.8CVSS
8AI Score
0.01EPSS
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...
6.5CVSS
6.2AI Score
0.008EPSS
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:...
7.5CVSS
6.8AI Score
0.011EPSS
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with...
6.1CVSS
7.2AI Score
0.071EPSS
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc...
7.5CVSS
7.4AI Score
0.003EPSS
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and...
6.3CVSS
6.3AI Score
0.002EPSS
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop i...
3.8CVSS
5AI Score
0.0005EPSS
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer...
9.8CVSS
8.9AI Score
0.009EPSS
6.5CVSS
7.2AI Score
0.003EPSS
6.5CVSS
7.4AI Score
0.001EPSS
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in...
6.5CVSS
7.5AI Score
0.001EPSS
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by...
6.5CVSS
7.5AI Score
0.001EPSS
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in...
6.5CVSS
7.5AI Score
0.001EPSS
6.5CVSS
7.5AI Score
0.001EPSS
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk...
9.8CVSS
9.2AI Score
0.007EPSS
9.8CVSS
9.2AI Score
0.012EPSS
9.8CVSS
9.7AI Score
0.098EPSS
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of...
7.5CVSS
7.2AI Score
0.002EPSS