Lucene search
K

252 matches found

UbuntuCve
UbuntuCve
added 2019/12/26 10:15 p.m.17 views

CVE-2019-20006

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...

7.5CVSS7.1AI score0.01605EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2019/12/26 10:15 p.m.31 views

CVE-2019-20007

An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...

6.5CVSS6.6AI score0.01277EPSS
Exploits1References2
OSV
OSV
added 2019/12/26 10:15 p.m.4 views

UBUNTU-CVE-2019-20006

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...

7.5CVSS7.1AI score0.01605EPSS
Exploits1References3
CVE
CVE
added 2019/12/26 9:55 p.m.133 views

CVE-2019-20005

The CVE-2019-20005 issue affects ezXML 0.8.3–0.8.6: during ezxml_decode, parsing a crafted XML file triggers incorrect memory handling, causing a heap-based buffer over-read when strchr() is used after a '\0' (end of a string). Multiple advisories (SUSE/SLES15, Mageia, openSUSE, etc.) reference e...

6.5CVSS6.8AI score0.01169EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/12/26 9:55 p.m.21 views

CVE-2019-20005

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr starting with a pointer after a '\0' character where the processing of a string was...

7AI score0.01169EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2019/12/26 9:55 p.m.44 views

CVE-2019-20005

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr starting with a pointer after a '\0' character where the processing of a string was...

6.5CVSS6.4AI score0.01169EPSS
Exploits1
CVE
CVE
added 2019/12/26 9:55 p.m.122 views

CVE-2019-20006

CVE-2019-20006 affects ezXML 0.8.3–0.8.6. The issue stems from ezxml_char_content: it stores a pointer to the internal address of a larger block in xml->txt, and that memory is later freed, leading to a segmentation fault. Connected sources reiter this exact behavior across multiple advisories...

7.5CVSS7.4AI score0.01605EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/12/26 9:55 p.m.24 views

CVE-2019-20006

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...

7.5AI score0.01605EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2019/12/26 9:55 p.m.36 views

CVE-2019-20006

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent puts a pointer to the internal address of a larger block as xml-txt. This is later deallocated using free, leading to a segmentation fault...

7.5CVSS7.3AI score0.01605EPSS
Exploits1
Cvelist
Cvelist
added 2019/12/26 9:55 p.m.26 views

CVE-2019-20007

An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...

6.8AI score0.01277EPSS
Exploits1References1
CVE
CVE
added 2019/12/26 9:55 p.m.123 views

CVE-2019-20007

CVE-2019-20007 affects ezXML 0.8.2–0.8.6. The flaw is in ezxml_str2utf8: zero-length reallocation can cause a NULL s, and ezxml_parse_str fails to guard against a NULL pointer, leading to a NULL dereference and crash. Connected advisories (SUSE openSUSE Mageia) enumerate the same issue among mult...

6.5CVSS6.7AI score0.01277EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2019/12/26 9:55 p.m.48 views

CVE-2019-20007

An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer in some compilers. After this, the function ezxmlparsestr does not check whether the s variable is...

6.5CVSS6.3AI score0.01277EPSS
Exploits1
Rows per page
Query Builder