Search
Total
1326 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19334 | 3 Cesnet, Fedoraproject, Redhat | 3 Libyang, Fedora, Enterprise Linux | 2019-12-18 | 7.5 HIGH | 9.8 CRITICAL |
| In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. | |||||
| CVE-2019-19333 | 2 Cesnet, Redhat | 2 Libyang, Enterprise Linux | 2019-12-18 | 7.5 HIGH | 9.8 CRITICAL |
| In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. | |||||
| CVE-2019-14901 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2019-12-12 | 10.0 HIGH | 9.8 CRITICAL |
| A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. | |||||
| CVE-2019-14895 | 1 Linux | 1 Linux Kernel | 2019-12-12 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code. | |||||
| CVE-2019-19635 | 1 Libsixel Project | 1 Libsixel | 2019-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c. | |||||
| CVE-2019-19638 | 1 Libsixel Project | 1 Libsixel | 2019-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow. | |||||
| CVE-2019-13582 | 1 Marvell | 2 88w8688, 88w8688 Firmware | 2019-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution. | |||||
| CVE-2018-8879 | 1 Asus | 2 Rt-ac66u, Rt-ac66u Firmware | 2019-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id. | |||||
| CVE-2019-5541 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2019-11-25 | 6.5 MEDIUM | 9.1 CRITICAL |
| VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition on their own VM. | |||||
| CVE-2019-18240 | 1 Fujielectric | 1 V-server | 2019-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2018-9556 | 1 Google | 1 Android | 2019-11-13 | 10.0 HIGH | 9.8 CRITICAL |
| In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113118184. | |||||
| CVE-2018-9578 | 1 Google | 1 Android | 2019-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| In ixheaacd_adts_crc_start_reg of ixheaacd_adts_crc_check.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113261928. | |||||
| CVE-2019-2285 | 1 Qualcomm | 72 Msm8909w, Msm8909w Firmware, Msm8996au and 69 more | 2019-11-08 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2019-5049 | 1 Amd | 6 Radeon 550, Radeon 550 Firmware, Radeon Rx 550 and 3 more | 2019-11-07 | 7.5 HIGH | 10.0 CRITICAL |
| An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | |||||
| CVE-2019-15683 | 1 Turbovnc | 1 Turbovnc | 2019-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| TurboVNC server code contains stack buffer overflow vulnerability in commit prior to cea98166008301e614e0d36776bf9435a536136e. This could possibly result into remote code execution, since stack frame is not protected with stack canary. This attack appear to be exploitable via network connectivity. To exploit this vulnerability authorization on server is required. These issues have been fixed in commit cea98166008301e614e0d36776bf9435a536136e. | |||||
| CVE-2013-2739 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2019-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| MiniDLNA has heap-based buffer overflow | |||||
| CVE-2019-18224 | 1 Gnu | 1 Libidn2 | 2019-10-29 | 7.5 HIGH | 9.8 CRITICAL |
| idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. | |||||
| CVE-2019-16265 | 1 Codesys | 2 Codesys, Eni Server | 2019-10-28 | 7.5 HIGH | 9.8 CRITICAL |
| CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. | |||||
| CVE-2019-14495 | 1 3proxy | 1 3proxy | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write in the admin interface. | |||||
| CVE-2018-1160 | 3 Debian, Netatalk Project, Synology | 7 Debian Linux, Netatalk, Diskstation Manager and 4 more | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. | |||||
| CVE-2017-9634 | 1 Mitsubishielectric | 1 E-designer | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash. | |||||
| CVE-2017-2640 | 3 Debian, Pidgin, Redhat | 7 Debian Linux, Pidgin, Enterprise Linux Desktop and 4 more | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process. | |||||
| CVE-2017-15118 | 3 Canonical, Qemu, Redhat | 3 Ubuntu Linux, Qemu, Enterprise Linux | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS. | |||||
| CVE-2014-5435 | 1 Honeywell | 1 Experion Process Knowledge System | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | |||||
| CVE-2017-2520 | 2 Apple, Debian | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement. | |||||
| CVE-2018-18729 | 1 Tenda | 10 Ac10, Ac10 Firmware, Ac15 and 7 more | 2019-10-03 | 9.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow. | |||||
| CVE-2017-0561 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814. | |||||
| CVE-2019-5608 | 1 Freebsd | 1 Freebsd | 2019-09-10 | 7.5 HIGH | 9.8 CRITICAL |
| In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic. | |||||
| CVE-2019-16139 | 1 Compact Arena Project | 1 Compact Arena | 2019-09-09 | 9.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read. | |||||
| CVE-2019-11500 | 3 Debian, Dovecot, Fedoraproject | 4 Debian Linux, Dovecot, Pigeonhole and 1 more | 2019-09-06 | 7.5 HIGH | 9.8 CRITICAL |
| In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution. | |||||
| CVE-2019-11772 | 1 Eclipse | 1 Openj9 | 2019-09-02 | 7.5 HIGH | 9.8 CRITICAL |
| In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager. | |||||
| CVE-2019-7027 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2018-12808 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2018-12787 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-12760 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-12758 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-19702 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7804 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2018-4950 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-5021 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2019-7124 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7120 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7119 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7118 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7019 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-5684 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-08-13 | 10.0 HIGH | 10.0 CRITICAL |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution. | |||||
| CVE-2019-5685 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-08-13 | 10.0 HIGH | 9.8 CRITICAL |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution. | |||||
| CVE-2018-19198 | 2 Debian, Uriparser Project | 2 Debian Linux, Uriparser | 2019-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts. | |||||
| CVE-2018-14600 | 3 Canonical, Debian, X.org | 3 Ubuntu Linux, Debian Linux, Libx11 | 2019-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution. | |||||
| CVE-2018-12699 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2019-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | |||||