Export limit exceeded: 361971 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361971 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17549 | 1 Eset | 1 Cyber Security | 2024-11-21 | 6.5 Medium |
| ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack. | ||||
| CVE-2019-17547 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 8.8 High |
| In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. | ||||
| CVE-2019-17545 | 5 Debian, Fedoraproject, Opensuse and 2 more | 6 Debian Linux, Fedora, Backports Sle and 3 more | 2024-11-21 | 9.8 Critical |
| GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. | ||||
| CVE-2019-17544 | 2 Canonical, Gnu | 2 Ubuntu Linux, Aspell | 2024-11-21 | 9.1 Critical |
| libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character. | ||||
| CVE-2019-17543 | 1 Lz4 Project | 1 Lz4 | 2024-11-21 | 8.1 High |
| LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk." | ||||
| CVE-2019-17542 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2024-11-21 | 9.8 Critical |
| FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. | ||||
| CVE-2019-17541 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | 8.8 High |
| ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. | ||||
| CVE-2019-17540 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-11-21 | 8.8 High |
| ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. | ||||
| CVE-2019-17539 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2024-11-21 | 9.8 Critical |
| In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. | ||||
| CVE-2019-17538 | 1 Jnoj | 1 Jiangnan Online Judge | 2024-11-21 | 7.5 High |
| Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring. | ||||
| CVE-2019-17537 | 1 Jnoj | 1 Jiangnan Online Judge | 2024-11-21 | 7.5 High |
| Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring. | ||||
| CVE-2019-17536 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 4.9 Medium |
| Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/media_upload and fm/move. | ||||
| CVE-2019-17535 | 1 Gilacms | 1 Gila Cms | 2024-11-21 | 6.1 Medium |
| Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647. | ||||
| CVE-2019-17534 | 1 Libvips | 1 Libvips | 2024-11-21 | 8.8 High |
| vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free. | ||||
| CVE-2019-17533 | 2 Debian, Matio Project | 2 Debian Linux, Matio | 2024-11-21 | 8.2 High |
| Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed. | ||||
| CVE-2019-17532 | 1 Belkin | 2 Wemo Switch 28b, Wemo Switch 28b Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs. | ||||
| CVE-2019-17531 | 5 Debian, Fasterxml, Netapp and 2 more | 33 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 30 more | 2024-11-21 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. | ||||
| CVE-2019-17530 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 7.8 High |
| An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp. | ||||
| CVE-2019-17529 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 7.8 High |
| An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp. | ||||
| CVE-2019-17528 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 7.5 High |
| An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. | ||||