Export limit exceeded: 21350 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21350 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16166 | 1 Gnu | 1 Cflow | 2024-11-21 | 6.5 Medium |
| GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. | ||||
| CVE-2019-16163 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 7.5 High |
| Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. | ||||
| CVE-2019-16162 | 1 K-takata | 1 Onigmo | 2024-11-21 | 7.5 High |
| Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c. | ||||
| CVE-2019-16139 | 1 Compact Arena Project | 1 Compact Arena | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read. | ||||
| CVE-2019-16129 | 1 Microchip | 1 Cryptoauthlib | 2024-11-21 | 6.8 Medium |
| Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2). | ||||
| CVE-2019-16128 | 1 Microchip | 1 Cryptoauthlib | 2024-11-21 | 6.8 Medium |
| Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2). | ||||
| CVE-2019-16115 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | 7.8 High |
| In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause Denial of Service or possibly unspecified other impact. | ||||
| CVE-2019-16098 | 1 Msi | 1 Afterburner | 2024-11-21 | 7.8 High |
| The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. | ||||
| CVE-2019-16095 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. | ||||
| CVE-2019-16094 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | ||||
| CVE-2019-16091 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. | ||||
| CVE-2019-15948 | 1 Ti | 6 Cc256xb-bt-sp, Cc256xb-bt-sp Firmware, Cc256xc-bt-sp and 3 more | 2024-11-21 | 8.8 High |
| Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4. | ||||
| CVE-2019-15927 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. | ||||
| CVE-2019-15926 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 9.1 Critical |
| An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. | ||||
| CVE-2019-15925 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. | ||||
| CVE-2019-15918 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21. | ||||
| CVE-2019-15784 | 1 Srtalliance | 1 Secure Reliable Transport | 2024-11-21 | N/A |
| Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections. | ||||
| CVE-2019-15699 | 1 Suricata-ids | 1 Suricata | 2024-11-21 | 9.1 Critical |
| An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet. | ||||
| CVE-2019-15695 | 3 Opensuse, Redhat, Tigervnc | 3 Leap, Enterprise Linux, Tigervnc | 2024-11-21 | 7.2 High |
| TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. | ||||
| CVE-2019-15694 | 3 Opensuse, Redhat, Tigervnc | 3 Leap, Enterprise Linux, Tigervnc | 2024-11-21 | 7.2 High |
| TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity. | ||||