Lucene search

K

1190 matches found

CVE
CVE
added 2019/03/25 7:29 p.m.231 views

CVE-2019-3835

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

7.3CVSS6.3AI score0.01339EPSS
CVE
CVE
added 2019/07/17 12:15 p.m.231 views

CVE-2019-9848

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary ...

9.8CVSS9.7AI score0.85073EPSS
CVE
CVE
added 2019/04/09 4:29 a.m.230 views

CVE-2019-10895

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

7.5CVSS7.2AI score0.08637EPSS
CVE
CVE
added 2019/09/03 4:15 p.m.230 views

CVE-2019-14817

A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. A specially crafted PostScript file could disable security protection and then have access to th...

7.8CVSS8.8AI score0.00362EPSS
CVE
CVE
added 2019/09/15 10:15 p.m.230 views

CVE-2019-16335

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

9.8CVSS9.3AI score0.07082EPSS
CVE
CVE
added 2019/12/24 4:15 p.m.230 views

CVE-2019-19923

flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).

7.5CVSS7.8AI score0.13878EPSS
CVE
CVE
added 2019/12/11 1:15 a.m.230 views

CVE-2019-5815

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.

7.5CVSS8AI score0.00095EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.230 views

CVE-2019-7575

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.

8.8CVSS8.9AI score0.01822EPSS
CVE
CVE
added 2019/03/24 12:29 a.m.230 views

CVE-2019-9956

In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.

8.8CVSS7.3AI score0.0131EPSS
CVE
CVE
added 2019/11/20 9:15 p.m.229 views

CVE-2015-3166

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as ...

9.8CVSS9.1AI score0.04887EPSS
CVE
CVE
added 2019/06/26 6:15 p.m.229 views

CVE-2019-12979

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.

7.8CVSS7.8AI score0.00217EPSS
CVE
CVE
added 2019/10/29 7:15 p.m.229 views

CVE-2019-15681

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...

7.5CVSS8.3AI score0.03937EPSS
CVE
CVE
added 2019/09/05 5:15 p.m.229 views

CVE-2019-15946

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.

6.4CVSS6.2AI score0.00049EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.229 views

CVE-2019-19057

Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.

3.3CVSS6.1AI score0.0008EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.229 views

CVE-2019-7572

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

8.8CVSS8.8AI score0.03783EPSS
CVE
CVE
added 2019/07/23 2:15 p.m.229 views

CVE-2019-9811

As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird

8.3CVSS8.6AI score0.01317EPSS
CVE
CVE
added 2019/11/26 10:15 p.m.228 views

CVE-2011-1939

SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.

9.8CVSS9.9AI score0.08543EPSS
CVE
CVE
added 2019/03/30 2:29 p.m.228 views

CVE-2019-10650

In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.

8.1CVSS6.4AI score0.00308EPSS
CVE
CVE
added 2019/09/03 5:15 a.m.227 views

CVE-2015-9381

FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.

8.8CVSS7.2AI score0.00711EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.227 views

CVE-2018-18493

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < ...

9.8CVSS7.6AI score0.09156EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.227 views

CVE-2019-13752

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.2AI score0.02626EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.226 views

CVE-2018-18492

A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox

9.8CVSS7.5AI score0.27057EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.226 views

CVE-2019-16713

ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.

6.5CVSS7.5AI score0.00144EPSS
CVE
CVE
added 2019/11/04 4:15 p.m.226 views

CVE-2019-18683

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streami...

7CVSS7.7AI score0.01138EPSS
CVE
CVE
added 2019/02/05 12:29 a.m.226 views

CVE-2019-7398

In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.

7.5CVSS7.7AI score0.00181EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.225 views

CVE-2019-13761

Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

4.3CVSS5.1AI score0.0234EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.225 views

CVE-2019-16708

ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.

6.5CVSS7.4AI score0.00144EPSS
CVE
CVE
added 2019/01/02 7:29 a.m.225 views

CVE-2019-3500

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

7.8CVSS7.1AI score0.00117EPSS
CVE
CVE
added 2019/03/25 7:29 p.m.225 views

CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.

7.3CVSS5.6AI score0.01038EPSS
CVE
CVE
added 2019/06/30 11:15 p.m.224 views

CVE-2019-13114

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.

6.5CVSS6.1AI score0.00315EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.224 views

CVE-2019-13725

Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

8.8CVSS8.3AI score0.0702EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.224 views

CVE-2019-16710

ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.

6.5CVSS7.5AI score0.00144EPSS
CVE
CVE
added 2019/12/26 5:15 p.m.224 views

CVE-2019-16789

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitesp...

8.2CVSS6.8AI score0.0035EPSS
CVE
CVE
added 2019/02/19 5:29 p.m.224 views

CVE-2019-5759

Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS6AI score0.01655EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.224 views

CVE-2019-7577

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.

8.8CVSS8.8AI score0.03783EPSS
CVE
CVE
added 2019/02/08 11:29 a.m.224 views

CVE-2019-7635

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.

8.1CVSS8.5AI score0.03385EPSS
CVE
CVE
added 2019/02/04 6:29 p.m.223 views

CVE-2019-3813

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.

7.5CVSS7.4AI score0.00272EPSS
CVE
CVE
added 2019/04/09 4:29 a.m.222 views

CVE-2019-10901

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

7.5CVSS7.2AI score0.10053EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.222 views

CVE-2019-13738

Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.

6.5CVSS6.2AI score0.00889EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.222 views

CVE-2019-13762

Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.

3.3CVSS4.8AI score0.00032EPSS
CVE
CVE
added 2019/04/17 2:29 p.m.222 views

CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful att...

4.3CVSS6.7AI score0.04562EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.221 views

CVE-2019-13740

Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

6.5CVSS6.4AI score0.00973EPSS
CVE
CVE
added 2019/07/18 8:15 p.m.221 views

CVE-2019-13962

lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.

9.8CVSS9.3AI score0.0194EPSS
CVE
CVE
added 2019/12/05 1:15 a.m.221 views

CVE-2019-19553

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.

7.5CVSS7.2AI score0.00552EPSS
CVE
CVE
added 2019/02/28 4:29 a.m.221 views

CVE-2019-9214

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.

7.5CVSS6AI score0.05075EPSS
CVE
CVE
added 2019/10/03 4:15 p.m.220 views

CVE-2018-14881

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

7.5CVSS8.6AI score0.02939EPSS
CVE
CVE
added 2019/06/26 6:15 p.m.220 views

CVE-2019-12975

ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.

5.5CVSS6.7AI score0.00091EPSS
CVE
CVE
added 2019/12/24 5:15 p.m.220 views

CVE-2019-19925

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

7.5CVSS7.8AI score0.12247EPSS
CVE
CVE
added 2019/02/26 11:29 p.m.220 views

CVE-2019-9200

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other ...

8.8CVSS7.2AI score0.03559EPSS
CVE
CVE
added 2019/12/25 4:15 a.m.219 views

CVE-2019-19965

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.

4.7CVSS6.2AI score0.00061EPSS
Total number of security vulnerabilities1190