Export limit exceeded: 366303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366303 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-6469 | 1 Isc | 1 Bind | 2024-11-21 | 7.5 High |
| An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition. | ||||
| CVE-2019-6468 | 1 Isc | 1 Bind | 2024-11-21 | 7.5 High |
| In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected. | ||||
| CVE-2019-6467 | 1 Isc | 1 Bind | 2024-11-21 | 7.5 High |
| A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch. | ||||
| CVE-2019-6465 | 2 Isc, Redhat | 2 Bind, Enterprise Linux | 2024-11-21 | 5.3 Medium |
| Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465. | ||||
| CVE-2019-6462 | 1 Cairographics | 1 Cairo | 2024-11-21 | 6.5 Medium |
| An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized. | ||||
| CVE-2019-6461 | 1 Cairographics | 1 Cairo | 2024-11-21 | 6.5 Medium |
| An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c. | ||||
| CVE-2019-6460 | 1 Gnu | 1 Recutils | 2024-11-21 | N/A |
| An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a. | ||||
| CVE-2019-6459 | 1 Gnu | 1 Recutils | 2024-11-21 | N/A |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a. | ||||
| CVE-2019-6458 | 1 Gnu | 1 Recutils | 2024-11-21 | N/A |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a. | ||||
| CVE-2019-6457 | 1 Gnu | 1 Recutils | 2024-11-21 | N/A |
| An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a. | ||||
| CVE-2019-6456 | 1 Gnu | 1 Recutils | 2024-11-21 | N/A |
| An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a. | ||||
| CVE-2019-6455 | 1 Gnu | 1 Recutils | 2024-11-21 | N/A |
| An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c. | ||||
| CVE-2019-6454 | 8 Canonical, Debian, Fedoraproject and 5 more | 26 Ubuntu Linux, Debian Linux, Fedora and 23 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic). | ||||
| CVE-2019-6453 | 1 Mirc | 1 Mirc | 2024-11-21 | N/A |
| mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable). | ||||
| CVE-2019-6452 | 1 Kyocera | 3 Command Center Rx, Taskalfa 4501i, Taskalfa 5052ci | 2024-11-21 | 8.8 High |
| Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password. | ||||
| CVE-2019-6451 | 1 Soyal | 4 Ar-727h, Ar-727h Firmware, Ar-829ev5 and 1 more | 2024-11-21 | 7.5 High |
| On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. | ||||
| CVE-2019-6447 | 1 Estrongs | 1 Es File Explorer File Manager | 2024-11-21 | 8.1 High |
| The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP. | ||||
| CVE-2019-6445 | 1 Ntpsec | 1 Ntpsec | 2024-11-21 | N/A |
| An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem. | ||||
| CVE-2019-6444 | 1 Ntpsec | 1 Ntpsec | 2024-11-21 | N/A |
| An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd. | ||||
| CVE-2019-6443 | 1 Ntpsec | 1 Ntpsec | 2024-11-21 | N/A |
| An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd. | ||||