8.8CVSS
8.6AI Score
0.002EPSS
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in...
8.1CVSS
8.3AI Score
0.002EPSS
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by...
6.5CVSS
7.3AI Score
0.001EPSS
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in...
8.1CVSS
8.3AI Score
0.002EPSS
8.1CVSS
8.3AI Score
0.002EPSS
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR <...
8.8CVSS
8.7AI Score
0.003EPSS
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table...
9.1CVSS
8.9AI Score
0.005EPSS
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this...
7.5CVSS
6.9AI Score
0.001EPSS
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker...
4.3CVSS
5.5AI Score
0.003EPSS
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
6.5CVSS
7AI Score
0.019EPSS
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
6.5CVSS
7AI Score
0.019EPSS
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
6.5CVSS
7AI Score
0.019EPSS
FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in...
8.8CVSS
8.7AI Score
0.005EPSS
8.8CVSS
8.4AI Score
0.005EPSS
Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive...
6.5CVSS
6.4AI Score
0.003EPSS
In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm....
6CVSS
6.6AI Score
0.001EPSS
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of...
5.5CVSS
6.5AI Score
0.0004EPSS
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O...
5.5CVSS
5.3AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in...
6.5CVSS
7.4AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in...
8.8CVSS
8.8AI Score
0.003EPSS
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in...
6.5CVSS
7.4AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in...
8.8CVSS
8.2AI Score
0.003EPSS
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in...
6.5CVSS
7.4AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in...
8.8CVSS
8.8AI Score
0.001EPSS
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in...
6.5CVSS
7.4AI Score
0.001EPSS
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values,....
7.2CVSS
7.3AI Score
0.006EPSS
TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack...
7.2CVSS
7.2AI Score
0.006EPSS
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This.....
7.2CVSS
7.3AI Score
0.002EPSS
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network...
7.2CVSS
7.3AI Score
0.003EPSS
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka...
4.7CVSS
6.2AI Score
0.001EPSS
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka...
4.6CVSS
6.1AI Score
0.001EPSS
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP...
7.5CVSS
7.8AI Score
0.011EPSS
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect...
7.5CVSS
7.8AI Score
0.011EPSS
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of...
9.8CVSS
9.2AI Score
0.007EPSS
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of...
9.1CVSS
9.3AI Score
0.003EPSS
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and...
9.1CVSS
9.2AI Score
0.003EPSS
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of...
9.8CVSS
9.5AI Score
0.012EPSS
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of...
9.8CVSS
9.4AI Score
0.009EPSS
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user...
7CVSS
7.2AI Score
0.0005EPSS
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution,...
7.5CVSS
7.7AI Score
0.004EPSS
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE...
5.5CVSS
5.8AI Score
0.001EPSS
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE...
7.8CVSS
7.4AI Score
0.001EPSS
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT...
7.1CVSS
6.6AI Score
0.0004EPSS
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed...
5.5CVSS
5.8AI Score
0.0004EPSS
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII...
5.3CVSS
6AI Score
0.004EPSS
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...
6.5CVSS
7.4AI Score
0.004EPSS
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to...
5.9CVSS
7.3AI Score
0.008EPSS
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for...
7.5CVSS
8.2AI Score
0.014EPSS
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.6AI Score
0.001EPSS