Search
Total
1785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12894 | 1 Alternate-tools | 1 Alternate Pic View | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Alternate Pic View 2.600 has a Read Access Violation at the Instruction Pointer after a call from PicViewer!PerfgrapFinalize+0x00000000000a9a1b. | |||||
| CVE-2019-12750 | 1 Symantec | 1 Endpoint Protection | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | |||||
| CVE-2019-12727 | 1 Ui | 2 Aircam, Aircam Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in the RTSP Service provided by the ubnt-streamer binary. The issue can be triggered via malformed RTSP requests that lead to an invalid memory read. To exploit the vulnerability, an attacker must craft an RTSP request with a large number of headers. | |||||
| CVE-2019-12555 | 1 Sweetscape | 1 010 Editor | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the SubStr function (provided by the scripting engine) allows an attacker to cause a denial of service by crashing the application. | |||||
| CVE-2019-12554 | 1 Sweetscape | 1 010 Editor | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the WSubStr function (provided by the scripting engine) allows an attacker to cause a denial of service by crashing the application. | |||||
| CVE-2019-12083 | 1 Rust-lang | 1 Rust | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected. | |||||
| CVE-2019-11007 | 3 Debian, Graphicsmagick, Opensuse | 3 Debian Linux, Graphicsmagick, Leap | 2020-08-24 | 5.8 MEDIUM | 8.1 HIGH |
| In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. | |||||
| CVE-2018-9565 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In readBytes of xltdecwbxml.c, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-16680558. | |||||
| CVE-2018-9358 | 1 Google | 1 Android | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-73172115. | |||||
| CVE-2018-8139 | 1 Microsoft | 3 Chakracore, Edge, Windows 10 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137. | |||||
| CVE-2018-14883 | 4 Canonical, Debian, Netapp and 1 more | 4 Ubuntu Linux, Debian Linux, Storage Automation Store and 1 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c. | |||||
| CVE-2018-15471 | 3 Canonical, Linux, Xen | 3 Ubuntu Linux, Linux Kernel, Xen | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or change this mapping, some input validation (e.g., for an integer overflow) was missing or flawed, leading to OOB access in hash handling. A malicious or buggy frontend may cause the (usually privileged) backend to make out of bounds memory accesses, potentially resulting in one or more of privilege escalation, Denial of Service (DoS), or information leaks. | |||||
| CVE-2018-6071 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2018-18224 | 2 Opendesign, Oracle | 2 Drawings Sdk, Outside In Technology | 2020-08-24 | 5.8 MEDIUM | 8.1 HIGH |
| A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash. | |||||
| CVE-2019-9381 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In netd, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122677612 | |||||
| CVE-2019-19246 | 3 Fedoraproject, Oniguruma Project, Php | 3 Fedora, Oniguruma, Php | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. | |||||
| CVE-2019-19204 | 3 Debian, Fedoraproject, Oniguruma Project | 3 Debian Linux, Fedora, Oniguruma | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. | |||||
| CVE-2019-9936 | 1 Sqlite | 1 Sqlite | 2020-08-23 | 5.0 MEDIUM | 7.5 HIGH |
| In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c. | |||||
| CVE-2020-24344 | 1 Jerryscript | 1 Jerryscript | 2020-08-19 | 5.8 MEDIUM | 7.1 HIGH |
| JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read. | |||||
| CVE-2019-13295 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2020-08-19 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. | |||||
| CVE-2019-13297 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2020-08-19 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. | |||||
| CVE-2020-0510 | 1 Intel | 1 Graphics Drivers | 2020-08-19 | 4.6 MEDIUM | 7.8 HIGH |
| Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2018-8960 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2020-08-19 | 6.8 MEDIUM | 8.8 HIGH |
| The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read. | |||||
| CVE-2019-11597 | 1 Imagemagick | 1 Imagemagick | 2020-08-19 | 5.8 MEDIUM | 8.1 HIGH |
| In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. | |||||
| CVE-2019-14776 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2020-08-18 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | |||||
| CVE-2019-14438 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2020-08-18 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file. | |||||
| CVE-2014-7825 | 1 Linux | 1 Linux Kernel | 2020-08-14 | 7.2 HIGH | 7.8 HIGH |
| kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application. | |||||
| CVE-2020-0254 | 1 Google | 1 Android | 2020-08-12 | 7.8 HIGH | 7.5 HIGH |
| There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647751 | |||||
| CVE-2020-0251 | 1 Google | 1 Android | 2020-08-12 | 7.8 HIGH | 7.5 HIGH |
| There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647626 | |||||
| CVE-2020-14153 | 1 Ijg | 1 Libjpeg | 2020-08-11 | 5.8 MEDIUM | 7.1 HIGH |
| In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers. | |||||
| CVE-2020-16219 | 1 Deltaww | 1 Tpeditor | 2020-08-10 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2014-1497 | 6 Canonical, Debian, Mozilla and 3 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2020-08-06 | 6.8 MEDIUM | 8.8 HIGH |
| The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file. | |||||
| CVE-2016-2064 | 1 Linux | 1 Linux Kernel | 2020-08-04 | 6.9 MEDIUM | 7.8 HIGH |
| sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands. | |||||
| CVE-2019-14101 | 1 Qualcomm | 114 Apq8009, Apq8009 Firmware, Apq8096 and 111 more | 2020-07-31 | 3.6 LOW | 7.1 HIGH |
| Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | |||||
| CVE-2020-3700 | 1 Qualcomm | 36 Apq8053, Apq8053 Firmware, Apq8096au and 33 more | 2020-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCA9531, QCA9558, QCA9980, SC8180X, SDM439, SDX55, SM8150, SM8250, SXR2130 | |||||
| CVE-2019-13312 | 1 Ffmpeg | 1 Ffmpeg | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read. | |||||
| CVE-2020-6624 | 1 Jhead Project | 1 Jhead | 2020-07-28 | 5.8 MEDIUM | 7.1 HIGH |
| jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c. | |||||
| CVE-2020-6625 | 1 Jhead Project | 1 Jhead | 2020-07-28 | 5.8 MEDIUM | 7.1 HIGH |
| jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c. | |||||
| CVE-2020-11538 | 2 Fedoraproject, Python | 2 Fedora, Pillow | 2020-07-27 | 6.8 MEDIUM | 8.1 HIGH |
| In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. | |||||
| CVE-2020-1808 | 1 Huawei | 8 Honor 20, Honor 20 Firmware, Honor 20 Pro and 5 more | 2020-07-27 | 5.8 MEDIUM | 7.1 HIGH |
| Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C636E5R3P4), versions earlier than 10.1.0.160(C00E160R2P11); versions earlier than 10.1.0.126(C185E8R5P1), versions earlier than 10.1.0.126(C636E9R2P4), versions earlier than 10.1.0.160(C00E160R2P8); versions earlier than 10.0.0.179(C636E3R4P3), versions earlier than 10.0.0.180(C185E3R3P3), versions earlier than 10.0.0.180(C432E10R3P4), versions earlier than 10.0.0.181(C675E5R1P2) have an out of bound read vulnerability. The software reads data past the end of the intended buffer. The attacker tricks the user into installing a crafted application, successful exploit may cause information disclosure or service abnormal. | |||||
| CVE-2018-7439 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function read_mini_biff_next_record. | |||||
| CVE-2018-7435 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell function. | |||||
| CVE-2018-7436 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parse_SST function. | |||||
| CVE-2018-7437 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST function. | |||||
| CVE-2018-7438 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string function. | |||||
| CVE-2019-9232 | 1 Google | 1 Android | 2020-07-24 | 5.0 MEDIUM | 7.5 HIGH |
| In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 | |||||
| CVE-2019-10872 | 1 Freedesktop | 1 Poppler | 2020-07-23 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc. | |||||
| CVE-2019-12293 | 1 Freedesktop | 1 Poppler | 2020-07-23 | 6.8 MEDIUM | 8.8 HIGH |
| In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. | |||||
| CVE-2019-20915 | 1 Gnu | 1 Libredwg | 2020-07-22 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c. | |||||
| CVE-2019-20913 | 1 Gnu | 1 Libredwg | 2020-07-22 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec. | |||||