5093 matches found

RedhatCVE
added 2019/12/20 6:38 p.m. | 46 views

CVE-2019-17563

It was found that tomcat's FORM authentication allowed a very small period in which an attacker could possibly force a victim to use a valid user session, or Session Fixation. While practical exploit of this issue is deemed highly improbable, an abundance of caution merits it be considered a flaw...

CVSS 7.5 | AI score 2.5 | EPSS 0.10687
Exploits: 0 | References: 7

RedHat Linux
added 2019/12/19 5:37 p.m. | 1 view

HTTP/2: flood using empty frames results in excessive resource consumption

A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.24822
Exploits: 0 | References: 6

RedHat Linux
added 2019/12/19 5:37 p.m. | 2 views

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RST_STREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.82813
Exploits: 0 | References: 9

RedhatCVE
added 2019/12/18 7:6 a.m. | 16 views

CVE-2019-18391

A heap-based buffer overflow flaw was found in virglrenderer. The vrend_renderer_transfer_write_iov function allows guest OS users to cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 5.5 | AI score 4.8 | EPSS 0.00363
Exploits: 0 | References: 3

RedhatCVE
added 2019/12/17 4:36 p.m. | 21 views

CVE-2019-18389

A heap-based buffer overflow flaw was found in virglrenderer. The vrend_renderer_transfer_write_iov function allows guest OS users to cause a denial of service or a QEMU guest-to-host escape with code execution. The highest threat from this vulnerability is to data confidentiality and integrity as we...

CVSS 7.8 | AI score 5 | EPSS 0.00439
Exploits: 0 | References: 3

RedHat Linux
added 2019/12/17 12:56 p.m. | 1 view

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.83433
Exploits: 1 | References: 9

BDU FSTEC
added 2019/12/17 12:0 a.m. | 3 views

The vulnerability of the tcpdump tool for capturing and analyzing network traffic lies in insufficient validation of input data. This allows a malicious actor to gain unauthorized access to information and compromise its integrity and availability.

The vulnerability of the tcpdump tool for capturing and analyzing network traffic is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to information and compromise its integrity and availability...

CVSS 9.8 | AI score 6.3 | EPSS 0.04066
Exploits: 0 | References: 5 | Affected Software: 2

RedhatCVE
added 2019/12/13 9:8 p.m. | 54 views

CVE-2019-19530

A use-after-free flaw was found in the acm_probe USB subsystem in the Linux kernel. A race condition occurs when a destroy procedure is initiated allowing the refcount to decrement on the interface so early that it is never under counted. A malicious USB device is required for exploit. System...

CVSS 5.7 | AI score 1.7 | EPSS 0.00426
Exploits: 0 | References: 7

RedhatCVE
added 2019/12/13 8:38 p.m. | 39 views

CVE-2019-19526

A use-after-free flaw was found in the pn533_usb_probe USB interface in the Linux kernel. If the driver registration fails it needs to do all the cleanup activity and free all the related resources. A malicious USB device can cause this process to fail, causing a use-after-free vulnerability. Syste...

CVSS 4.9 | AI score 1 | EPSS 0.00433
Exploits: 0 | References: 7

RedhatCVE
added 2019/12/11 12:51 p.m. | 22 views

CVE-2019-19578

A flaw was found in Xen in versions through 4.12.x. An incorrect fix for CVE-2017-15595 allows x86 PV guest OS users to cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 8.8 | AI score 4.9 | EPSS 0.01547
Exploits: 1 | References: 4

RedhatCVE
added 2019/12/10 11:50 p.m. | 20 views

CVE-2019-18838

A flaw was found in envoy. A malformed HTTP request without the Host header may cause abnormal termination of the Envoy process. The highest threat from this vulnerability is to system availability...

CVSS 7.5 | AI score 8.3 | EPSS 0.02142
Exploits: 1 | References: 5

RedhatCVE
added 2019/12/10 9:57 p.m. | 72 views

CVE-2019-14899

A flaw was found in openvpn. A malicious access point or adjacent user can determine if a connected user is using a VPN by making positive inferences about the websites they are visiting, and determining the correct sequence and acknowledgement numbers in use, which allows the attacker to inject...

CVSS 7.4 | AI score 3 | EPSS 0.00838
Exploits: 0 | References: 4

RedHat Linux
added 2019/12/02 5:4 p.m. | 1 view

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.87806
Exploits: 0 | References: 7

RedHat Linux
added 2019/12/02 5:4 p.m. | 1 view

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.87806
Exploits: 0 | References: 7

RedHat Linux
added 2019/12/02 5:4 p.m. | 2 views

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.83433
Exploits: 1 | References: 9

NVD
added 2019/11/29 3:15 p.m. | 25 views

CVE-2019-14901

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability ...

CVSS 10 | AI score 9.5 | EPSS 0.16908
Exploits: 0 | References: 20

RedhatCVE
added 2019/11/27 3:17 p.m. | 55 views

CVE-2019-10220

A flaw was found in the Linux kernel's SMB client. Path separators are not checked by cifs.ko when parsing directory listings back. A bad server can return relative paths that will be returned as-is to userspace potentially leading to manipulating of files outside shared mount points. The highest...

CVSS 9.3 | AI score 3.2 | EPSS 0.05123
Exploits: 0 | References: 3

RedHat Linux
added 2019/11/26 7:57 p.m. | 4 views

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.83433
Exploits: 1 | References: 9

RedHat Linux
added 2019/11/26 7:57 p.m. | 1 view

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.87806
Exploits: 0 | References: 7

RedHat Linux
added 2019/11/26 7:57 p.m. | 1 view

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RST_STREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVSS 7.8 | AI score 7.1 | EPSS 0.82813
Exploits: 0 | References: 9