Lucene search

4373 matches found

NVD
added 2019/09/06 10:15 p.m. | 29 views

CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

CVSS 5.5 | AI score 5.5 | EPSS 0.009
Exploits: 1 | References: 1

Prion
added 2019/09/06 10:15 p.m. | 25 views

Design/Logic Flaw

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

CVSS 4.3 | AI score 5.3 | EPSS 0.009
Exploits: 1 | References: 1 | Affected Software: 1

UbuntuCve
added 2019/09/06 10:15 p.m. | 31 views

CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

CVSS 5.5 | AI score 6.8 | EPSS 0.009
Exploits: 1 | References: 2

Cvelist
added 2019/09/06 9:25 p.m. | 37 views

CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

AI score 5.5 | EPSS 0.009
Exploits: 1 | References: 1

CVE
added 2019/09/06 9:25 p.m. | 304 views

CVE-2019-16088

CVE-2019-16088 affects Xpdf 3.04, with a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. The connected Nessus and PTSecurity entries describe later Xpdf issues (not this CVE) and do not provide a patch or remediation for 3.04. Exploitation sta...

CVSS 5.5 | AI score 5.2 | EPSS 0.009
Exploits: 1 | References: 1 | Affected Software: 1

Debian CVE
added 2019/09/06 9:25 p.m. | 18 views

CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

CVSS 5.5 | AI score 2.8 | EPSS 0.009
Exploits: 1

OSV
added 2019/09/05 8:15 p.m. | 0 views

UBUNTU-CVE-2019-10753

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

CVSS 5.9 | AI score 6.2 | EPSS 0.00724
Exploits: 0 | References: 3

OSV
added 2019/08/26 6:15 p.m. | 4 views

CVE-2019-13020

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse. First, a specially crafted URL could be used in a phishing attack to hijack the trust the user and the browser have with the website and could serve malicious content...

CVSS 10 | AI score 7.3 | EPSS 0.01114
Exploits: 0 | References: 1

Prion
added 2019/08/26 6:15 p.m. | 14 views

Design/Logic Flaw

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse. First, a specially crafted URL could be used in a phishing attack to hijack the trust the user and the browser have with the website and could serve malicious content...

CVSS 6.4 | AI score 9.2 | EPSS 0.01114
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2019/08/12 12:00 a.m. | 40 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0158)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute. CVE-2019-7317 - If a...

CVSS 9.8 | AI score 7.8 | EPSS 0.09393
Exploits: 3 | References: 13

Tenable Nessus
added 2019/08/12 12:00 a.m. | 21 views

NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0124)

The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough...

CVSS 9.8 | AI score 8.2 | EPSS 0.12054
Exploits: 3 | References: 20

Tenable Nessus
added 2019/08/12 12:00 a.m. | 239 views

NewStart CGSL MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2019-0011)

The remote NewStart CGSL host, running version MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough...

CVSS 9.8 | AI score 8.2 | EPSS 0.12054
Exploits: 3 | References: 20

PyPA
added 2019/08/07 5:15 p.m. | 5 views

PYSEC-2019-114

Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...

CVSS 7.5 | AI score 6.6 | EPSS 0.01291
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 2019/08/06 1:21 p.m. | 3 views

webkitgtk: malicious crafted web content leads to information disclosure

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information...

CVSS 6.5 | AI score 7.2 | EPSS 0.01225
Exploits: 0 | References: 4

OSV
added 2019/07/24 11:07 p.m. | 6 views

USN-4072-1 ansible vulnerabilities

It was discovered that Ansible failed to properly handle sensitive information. A local attacker could use those vulnerabilities to extract them. CVE-2017-7481 CVE-2018-10855 CVE-2018-16837 CVE-2018-16876 CVE-2019-10156 It was discovered that Ansible could load configuration files from the curren...

CVSS 9.8 | AI score 6.7 | EPSS 0.04617
Exploits: 0 | References: 9

NVD
added 2019/07/23 2:15 p.m. | 14 views

CVE-2019-9819

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

CVSS 9.8 | AI score 7.5 | EPSS 0.01685
Exploits: 0 | References: 4

OSV
added 2019/07/23 2:15 p.m. | 5 views

CVE-2019-9819

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

CVSS 9.8 | AI score 9.1
Exploits: 0 | References: 4

OSV
added 2019/07/23 2:15 p.m. | 1 view

DEBIAN-CVE-2019-9819

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

CVSS 9.8 | AI score 8.8 | EPSS 0.01685
Exploits: 0 | References: 1

OSV
added 2019/07/23 2:15 p.m. | 2 views

DEBIAN-CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

CVSS 6.5 | AI score 8.4 | EPSS 0.20271
Exploits: 0 | References: 1

OSV
added 2019/07/23 2:15 p.m. | 8 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

CVSS 6.5 | AI score 8.3
Exploits: 0 | References: 13