326 matches found
CVE-2019-11358
CVE-2019-11358 is a prototype pollution vulnerability in jQuery (before 3.4.0) where mishandling of extend(true, {}, ...) can extend Object.prototype if an unsanitized source object has an enumerable proto property. The Core issue is triggered when a polluted prototype is introduced via nested ob...
CVE-2018-19052
The CVE-2018-19052 issue affects lighttpd’s mod_alias_physical_handler (mod_alias.c): when a configured alias lacks a trailing '/' but the target path has one, there is potential directory traversal to the parent of the alias target. Public advisories confirm this vulnerability across multiple di...
CVE-2020-15999
CVE-2020-15999 corresponds to a heap-based buffer overflow in FreeType that can be triggered by crafted font/PNG data, potentially via a malicious HTML page, affecting freetype usage in Google Chrome before 86.0.4240.111. Public advisories describe the issue as a heap overflow in Load_SBit_Png an...
CVE-2020-16009
CVE-2020-16009 is a Google Chrome/Chromium V8 type-confusion vulnerability that could allow remote code execution via a crafted HTML page. Root cause: type confusion in V8 before 86.0.4240.183. Affected product family includes Google Chrome and other Chromium-based browsers; Debian security advis...
CVE-2020-6514
CVE-2020-6514 affects Google Chrome WebRTC data channel where an attacker in a privileged network position could trigger a memory corruption (heap) via a crafted SCTP stream. The initial description notes an inappropriate WebRTC implementation as the underlying cause, with the vulnerability explo...
CVE-2020-15969
CVE-2020-15969 is a use-after-free in WebRTC that was exploitable via a crafted HTML page, potentially causing heap corruption and arbitrary code execution. Connected Apple advisories (Safari 14.0.2, watchOS 7.2, tvOS 14.3) indicate this was addressed by Apple in respective security updates; appl...
CVE-2020-9272
CVE-2020-9272 concerns ProFTPD 1.3.7 with an out-of-bounds read in the FTP server’s mod_cap component, triggered via the cap_to_text function in cap_text.c. The vulnerability is network‑based (remote attacker over the protocol) with no authentication required and could lead to information disclos...
CVE-2019-5736
CVE-2019-5736 affects runc as shipped in Docker before 18.09.2 and other products, enabling a container to overwrite the host runc binary via /proc/self/exe and gain host root. Root cause: file-descriptor mishandling in runc leading to command execution as root inside a container. Affected versio...
CVE-2019-13734
CVE-2019-13734 describes an out-of-bounds write in the SQLite component used by Google Chrome/Chromium, enabling potential heap corruption via a crafted HTML page. Connected advisories confirm this affects Chrome/Chromium’s SQLite usage and note mitigations include updating to Chrome 79.0.3945.79...
CVE-2020-12641
Roundcube Webmail is affected by CVE-2020-12641 due to an injection vulnerability in rcube_image.php. The issue allows an attacker to execute arbitrary code by supplying shell metacharacters in configuration settings for im_convert_path or im_identify_path. The documented impact is remote code ex...
CVE-2019-13616
CVE-2019-13616 affects SDL up to 1.2.15 and 2.x up to 2.0.9, with a heap-based buffer over-read in BlitNtoN (video/SDL_blit_N.c) invoked via SDL_SoftBlit (video/SDL_blit.c). Several connected advisories confirm the root issue is in SDL’s handling of image data (notably BMP loading) or surface cop...
CVE-2020-6463
CVE-2020-6463 is a use-after-free in ANGLE (affecting Chrome up to version 81.x, per the CVE page). Connected advisories show the same CVE listed in Thunderbird/Firefox-related updates with fixes in 68.11.0 ESR lines and related Red Hat/CentOS advisories. Practical takeaway: to remediate, upgrade...
CVE-2020-6447
CVE-2020-6447 describes an inappropriate implementation in the developer tools of Chromium/Google Chrome prior to 81.0.4044.92, which could allow a remote attacker who convinces a user to use DevTools to potentially exploit heap corruption via a crafted HTML page. Public sources (Arch Linux secur...
CVE-2019-14274
CVE-2019-14274 affects MCPP 2.7.2, with a heap-based buffer overflow in do_msg() in support.c. This is shown across multiple connected advisories (e.g., MARINER, Red Hat, Gentoo GLSA). Impact cited as potential denial of service; no explicit exploit details provided. Remediation exists: upgrade t...
CVE-2020-14352
CVE-2020-14352 : Librepo before 1.12.1 contains a directory traversal vulnerability due to inadequate sanitization of paths in remote repository metadata. An attacker hosting a remote repository could copy files outside the destination directory by crafting repository metadata/URLs, potentially e...
CVE-2019-18622
phpMyAdmin before 4.9.2 is affected by CVE-2019-18622: a crafted database/table name can trigger SQL injection through the Designer feature. Public data in connected sources shows the vulnerability and indicates a security fix in phpMyAdmin 4.9.2 (PMASA-2019-5) with multiple advisories (openSUSE,...
CVE-2019-17455
CVE-2019-17455 affects libntlm up to version 1.5, due to a fixed buffer size in tSmbNtlmAuthRequest/Challenge/Response that enables a stack-based over-read in buildSmbNtlmAuthRequest (NTLM crafted requests). Upstream fixes exist; Debian/Mageia/Fedora advisories show later packages patching this, ...
CVE-2020-13379
CVE-2020-13379 is an SSRF/Incorrect Access Control flaw in Grafana avatar handling, affecting versions 3.0.1–7.0.1. An unauthenticated user can prompt Grafana to fetch arbitrary URLs and return the response, enabling network reconnaissance. Additionally, invalid URL handling could trigger a SegFa...
CVE-2020-6519
CVE-2020-6519 is a policy bypass in the Content Security Policy (CSP) for Google Chrome, allowing a remote attacker to bypass CSP via a crafted HTML page in Chrome versions prior to 84.0.4147.89. Connected sources confirm public advisories and fixes across distributions: Debian notes a security u...
CVE-2019-5845
CVE-2019-5845: Out-of-bounds access in SwiftShader within Google Chrome prior to 73.0.3683.75 can enable remote heap corruption via a crafted HTML page. The available documents confirm this vulnerability and its association with Chrome/SwiftShader, but do not provide additional exploit details, a...
CVE-2019-5052
CVE-2019-5052 affects SDL2_image 2.0.4, where loading a PCX file can trigger an exploitable integer overflow, causing too little memory to be allocated and leading to a buffer overflow with potential code execution. The vulnerability is referenced in multiple advisories (e.g., Mageia MGASA-2019-0...
CVE-2020-6404
CVE-2020-6404 is a heap-corruption/BLINK-related vulnerability in Google Chrome prior to 80.0.3987.87. Connected documents confirm that this flaw stems from an inappropriate Blink/WebKit implementation, enabling a remote attacker to potentially trigger heap corruption via a crafted HTML page. The...
CVE-2019-5794
CVE-2019-5794 is a UI spoofing vulnerability reported in Chromium/Google Chrome before version 73.0.3683.75. The issue allows a remote attacker to achieve domain spoofing via a crafted HTML page. Public disclosures in connected sources confirm the affected product as Chromium/Chrome and reference...
CVE-2019-5796
CVE-2019-5796 affects Chromium-based browsers (Chrome/Chromium) via the Extensions component. A race condition in Extensions before 73.0.3683.75 could be triggered remotely, with official advisories stating the vulnerability exists in Chromium’s Extensions and that upgrading to 73.0.3683.75 or ne...
CVE-2020-6377
CVE-2020-6377 is a use-after-free in Chrome/Chromium’s audio path that could allow remote heap corruption via a crafted HTML page. Affected products: Google Chrome/Chromium prior to version 79.0.3945.117. Public advisories indicate fixes in later builds (e.g., Debian/Chromium updates to 79.0.3945...
CVE-2020-6430
CVE-2020-6430 is a type confusion in the V8 JavaScript engine of Chromium/Google Chrome prior to 81.0.4044.92. A remote attacker could potentially cause heap corruption and execute arbitrary code. Mitigation: upgrade Chromium to 81.0.4044.92 or newer (upstream fix in 81.0.4044.92; Debian referenc...
CVE-2020-12108
Summary: CVE-2020-12108 affects GNU Mailman prior to 2.1.31, allowing Arbitrary Content Injection via the /options/mailman page (and related login/archival areas per advisories). Affected software: Mailman 2.1.x series before 2.1.31. Root cause / vector: improper handling on the options/login pat...
CVE-2020-26935
CVE-2020-26935 affects phpMyAdmin, where a SQL injection vulnerability exists in how the SearchController processes SQL statements in the search feature. Vulnerable when running phpMyAdmin versions prior to 4.9.6 and 5.x prior to 5.0.3. Successful exploitation could allow an attacker to inject ma...
CVE-2019-5846
CVE-2019-5846 : Out-of-bounds access in SwiftShader used by Google Chrome prior to 73.0.3683.75 could allow a remote attacker to trigger heap corruption via a crafted HTML page. This vulnerability affects Chrome’s rendering/graphics stack (SwiftShader) and is described as a potential remote explo...
CVE-2020-6423
CVE-2020-6423 affects Chromium/Google Chrome’s audio component. The Arch Linux ASA-202004-9 describes a use-after-free in the audio implementation prior to 81.0.4044.92, enabling a remote attacker to potentially execute arbitrary code. The issue is addressed upstream with version 81.0.4044.92 (Ch...
CVE-2020-6434
CVE-2020-6434 is a use-after-free vulnerability in the Chrome/Chromium DevTools component, reported to affect Chromium before version 81.0.4044.92. The connected advisories attribute an arbitrary code execution impact to this issue, with upstream fixes released in the 81.0.4044.92 timeframe. Reme...
CVE-2020-6524
CVE-2020-6524 : Heap buffer overflow in WebAudio affecting Google Chrome before 84.0.4147.89. A remote attacker could potentially exploit heap corruption via a crafted HTML page, leading to arbitrary code execution or crashes as described in multiple advisories. The issue is tied to Chrome’s WebA...
CVE-2020-6444
CVE-2020-6444 affects Google Chrome/Chromium WebRTC: uninitialized variable in WebRTC implementation could enable heap corruption via a crafted HTML page. Connected advisories confirm the issue in Chrome prior to 81.0.4044.92 and list it alongside related CVEs in Chromium (CVE-2020-6423, CVE-2020...
CVE-2020-6489
CVE-2020-6489 corresponds to an inappropriately implemented behavior in Google Chrome’s developer tools prior to 83.0.4103.61. The issue is described as an implementation error in the developer tools component, enabling a remote attacker who tricks a user into performing certain actions on a craf...
CVE-2019-13602
CVE-2019-13602 affects VideoLAN VLC media player up to version 3.0.7.1. The vulnerability is an integer underflow in the function MP4_EIA608_Convert() (modules/demux/mp4/mp4.c) that can allow a remote attacker to cause a DoS via heap-based buffer overflow and crash or other unspecified impact thr...
CVE-2019-7164
CVE-2019-7164 affects SQLAlchemy up to 1.2.17 and 1.3.x up to 1.3.0b2, allowing SQL Injection when the order_by parameter is controlled. The connected exploit repository (mlflow-cve-2019-7164) demonstrates a practical exploit pipeline using Docker/Hud and a Python test, indicating real-world appl...
CVE-2020-6438
CVE-2020-6438 : A policy enforcement error in Chrome extensions prior to 81.0.4044.92 could allow a user-assisted attacker to obtain potentially sensitive information from process memory by convincing a user to install a crafted malicious extension. Affected software: Google Chrome (extensions su...
CVE-2019-14864
The connected documents confirm CVE-2019-14864 affects Ansible, specifically versions 2.9.x before 2.9.1, 2.8.x before 2.8.7, and 2.7.x before 2.7.15. The root cause is that the no_log flag is not respected when Sumologic and Splunk callback plugins are used to send task results to collectors, le...
CVE-2020-17353
CVE-2020-17353 affects LilyPond up to 2.20.0 and 2.21.x up to 2.21.4. When -dsafe is used, LilyPond does not restrict embedded-ps and embedded-svg, enabling execution of arbitrary PostScript/SVG content as demonstrated by vulnerable inputs. Publicly documented fixes across multiple distros includ...
CVE-2019-5844
CVE-2019-5844 involves an out-of-bounds access in SwiftShader within Google Chrome/Chromium before 73.0.3683.75, enabling a remote attacker to potentially trigger heap corruption via a crafted HTML page. The entry does not indicate exploitation status. Affected tier: Chrome/Chromium in prior vers...
CVE-2020-12137
CVE-2020-12137 affects GNU Mailman 2.x up to version 2.1.30. The root cause is using the .obj extension for scrubbed application/octet-stream MIME parts, which can trigger MIME sniffing and lead to XSS in list-archive visitors when HTTP replies lack a MIME type. The connected advisories indicate ...
CVE-2020-6475
CVE-2020-6475 concerns Google Chrome/Chromium: an incorrect implementation in full screen mode allowed a remote attacker to spoof the security UI via a crafted HTML page. Affected versions prior to the fix were Chrome/Chromium releases up to 83.0.4103.61. The issue is categorized under content sp...
CVE-2020-6525
CVE-2020-6525 : Heap buffer overflow in Skia used by Google Chrome prior to 84.0.4147.89. The vulnerability could allow remote code execution via a crafted HTML page due to heap corruption in Skia. Affected product/version: Google Chrome (Skia component) before 84.0.4147.89. Mitigation: upgrade C...
CVE-2020-6451
CVE-2020-6451 is a use-after-free vulnerability in Chrome/Chromium’s WebAudio implementation, prior to version 80.0.3987.162. The issue can allow a remote attacker to potentially cause heap corruption and execute arbitrary code through a crafted HTML page. Public reports across multiple feeds (Ar...
CVE-2019-19926
CVE-2019-19926 affects SQLite 3.30.1, where multiSelect in select.c mishandles certain parsing errors. Astra Linux notes an invalid pointer dereference triggered by ORDER BY constants in window definitions, due to an incomplete fix for CVE-2019-19880. This can cause a crash (denial of service) an...
CVE-2020-10804
phpMyAdmin exposes a SQL injection in the retrieval of the current username. Affected versions are 4.x before 4.9.5 and 5.x before 5.0.2, with the flaw located in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php. An attacker with server access can craft a username to...
CVE-2020-10995
PowerDNS Recursor (PowerDNS Recursor 4.1.0–4.3.0) is affected by CVE-2020-10995. A DNS-protocol issue allows an attacker to use recursive resolvers to amplify traffic toward third-party authoritative name servers, potentially degrading service. Mitigations exist in PowerDNS Recursor 4.1.16, 4.2.2...
CVE-2019-10206
CVE-2019-10206 affects Ansible (various branches): 2.6.x pre-2.6.19, 2.7.x pre-2.7.13, 2.8.x pre-2.8.4. The flaw arises when prompting passwords by expanding templates, which could reveal passwords via templates/logs. Impact per sources includes potential exposure of credentials (confidentiality)...
CVE-2020-6526
CVE-2020-6526 affects Google Chrome before 84.0.4147.89. An inappropriate implementation in the iframe sandbox could allow a remote attacker to bypass navigation restrictions via a crafted HTML page. Public references in Debian and FreeBSD advisories align with a fixed version around 84.0.4147.89...
CVE-2020-6476
The CVE-2020-6476 entry concerns Google Chrome prior to 83.0.4103.61, where an insufficient policy enforcement in the tab strip could allow an attacker—who convinces a user to install a malicious extension—to bypass navigation restrictions via that extension. Affected component: tab strip policy ...