Export limit exceeded: 346927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 43354 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43354 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-7524 | 5 Canonical, Debian, Dovecot and 2 more | 5 Ubuntu Linux, Debian Linux, Dovecot and 2 more | 2024-11-21 | N/A |
| In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components. | ||||
| CVE-2019-7485 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 8.8 High |
| Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7482 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7476 | 1 Sonicwall | 1 Global Management System | 2024-11-21 | 8.1 High |
| A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier. | ||||
| CVE-2019-7393 | 1 Ca | 2 Risk Authentication, Strong Authentication | 2024-11-21 | 4.3 Medium |
| A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases. | ||||
| CVE-2019-7366 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-11-21 | 7.8 High |
| Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system. | ||||
| CVE-2019-7310 | 5 Canonical, Debian, Fedoraproject and 2 more | 11 Ubuntu Linux, Debian Linux, Fedora and 8 more | 2024-11-21 | 7.8 High |
| In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. | ||||
| CVE-2019-7308 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2024-11-21 | N/A |
| kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. | ||||
| CVE-2019-7263 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | N/A |
| Linear eMerge E3-Series devices have a Version Control Failure. | ||||
| CVE-2019-7252 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | N/A |
| Linear eMerge E3-Series devices have Default Credentials. | ||||
| CVE-2019-7251 | 1 Digium | 1 Asterisk | 2024-11-21 | N/A |
| An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation. | ||||
| CVE-2019-7231 | 1 Abb | 2 Pb610 Panel Builder 600, Pb610 Panel Builder 600 Firmware | 2024-11-21 | 5.7 Medium |
| The ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can send a FTP command string of 472 bytes or more to overflow a buffer, causing an exception that terminates the server. | ||||
| CVE-2019-7230 | 1 Abb | 2 Pb610 Panel Builder 600, Pb610 Panel Builder 600 Firmware | 2024-11-21 | 8.8 High |
| The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack. | ||||
| CVE-2019-7228 | 1 Abb | 2 Pb610 Panel Builder 600, Pb610 Panel Builder 600 Firmware | 2024-11-21 | 8.8 High |
| The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack. | ||||
| CVE-2019-7181 | 1 Qnap | 1 Myqnapcloud | 2024-11-21 | N/A |
| Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program. | ||||
| CVE-2019-7165 | 3 Debian, Dosbox, Fedoraproject | 3 Debian Linux, Dosbox, Fedora | 2024-11-21 | N/A |
| A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitrary code. | ||||
| CVE-2019-7152 | 1 Webassembly | 1 Binaryen | 2024-11-21 | 6.5 Medium |
| A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt. | ||||
| CVE-2019-7150 | 5 Canonical, Debian, Elfutils Project and 2 more | 12 Ubuntu Linux, Debian Linux, Elfutils and 9 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack. | ||||
| CVE-2019-7149 | 3 Debian, Elfutils Project, Redhat | 4 Debian Linux, Elfutils, Ansible Tower and 1 more | 2024-11-21 | N/A |
| A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm. | ||||
| CVE-2019-7147 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service. | ||||