516 matches found

OSV
•added 2019/11/25 11:15 a.m.•23 views

CVE-2019-10214

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

5.9 CVSS • 6.5 AI score • 0.0041 EPSS
Exploits 0 • References 3
OSV
•added 2019/11/25 11:15 a.m.•0 views

UBUNTU-CVE-2019-10214

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 6.7 AI score • 0.0041 EPSS
Exploits 0 • References 4
UbuntuCve
•added 2019/11/25 11:15 a.m.•367 views

CVE-2019-10214

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 6.7 AI score • 0.0041 EPSS
Exploits 0 • References 3
Cvelist
•added 2019/11/25 10:41 a.m.•20 views

CVE-2019-10214

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 5.9 AI score • 0.0041 EPSS
Exploits 0 • References 3
RedHat Linux
•added 2019/11/07 4:55 p.m.•1 views

containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 7.3 AI score • 0.0041 EPSS
Exploits 0 • References 4
RedHat Linux
•added 2019/11/05 9:33 p.m.•0 views

containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 7.3 AI score • 0.0041 EPSS
Exploits 0 • References 4
RedHat Linux
•added 2019/10/14 8:50 a.m.•0 views

containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 7.3 AI score • 0.0041 EPSS
Exploits 0 • References 4
RedHat Linux
•added 2019/09/25 6:37 a.m.•4 views

containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 7.3 AI score • 0.0041 EPSS
Exploits 0 • References 4
RedHat Linux
•added 2019/09/23 8:37 p.m.•5 views

containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4 CVSS • 7.3 AI score • 0.0041 EPSS
Exploits 0 • References 4
OSV
•added 2019/08/14 6:15 a.m.•1 views

UBUNTU-CVE-2019-14973

_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash...

6.5 CVSS • 6.7 AI score • 0.0313 EPSS
Exploits 0 • References 5
RedHat Linux
•added 2019/08/06 2:22 p.m.•3 views

exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file...

5.5 CVSS • 5.9 AI score • 0.00384 EPSS
Exploits 1 • References 4
OSV
•added 2019/07/31 5:15 p.m.•1 views

DEBIAN-CVE-2019-5058

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8 CVSS • 8.1 AI score • 0.00968 EPSS
Exploits 0 • References 1
OSV
•added 2019/07/31 5:15 p.m.•1 views

ALPINE-CVE-2019-5058

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8 CVSS • 8.1 AI score • 0.00968 EPSS
Exploits 0 • References 1
OSV
•added 2019/07/31 5:15 p.m.•0 views

UBUNTU-CVE-2019-5059

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...

8.8 CVSS • 7.8 AI score • 0.00968 EPSS
Exploits 0 • References 3
OSV
•added 2019/07/31 3:15 p.m.•3 views

DEBIAN-CVE-2019-13568

CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image...

8.8 CVSS • 7.5 AI score • 0.00538 EPSS
Exploits 0 • References 1
Talos
•added 2019/07/29 12:0 a.m.•125 views

SDL_image XPM image colorhash parsing Code Execution Vulnerability

Summary: An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a...

8.8 CVSS • 8.9 AI score • 0.01319 EPSS
Exploits 1
OSV
•added 2019/07/03 7:15 p.m.•1 views

ALPINE-CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...

8.8 CVSS • 8 AI score • 0.01381 EPSS
Exploits 1 • References 1
OSV
•added 2019/07/03 7:15 p.m.•0 views

UBUNTU-CVE-2019-5052

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8 CVSS • 7.6 AI score • 0.01512 EPSS
Exploits 1 • References 4
OSV
•added 2019/05/20 5:29 p.m.•1 views

ALPINE-CVE-2019-12221

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c...

6.5 CVSS • 7 AI score • 0.01384 EPSS
Exploits 1 • References 1
OSV
•added 2019/05/20 5:29 p.m.•1 views

ALPINE-CVE-2019-12217

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c...

6.5 CVSS • 7 AI score • 0.00874 EPSS
Exploits 1 • References 1