Total
13886 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-1010300 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | N/A |
| mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. | ||||
| CVE-2019-1010238 | 6 Canonical, Debian, Fedoraproject and 3 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2024-11-21 | 9.8 Critical |
| Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. | ||||
| CVE-2019-1010208 | 1 Idrix | 2 Truecrypt, Veracrypt | 2024-11-21 | N/A |
| IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt) is affected by: Buffer Overflow. The impact is: Minor information disclosure of kernel stack. The component is: Veracrypt NT Driver (veracrypt.sys). The attack vector is: Locally executed code, IOCTL request to driver. The fixed version is: 1.23-Hotfix-1. | ||||
| CVE-2019-1010180 | 3 Gnu, Opensuse, Redhat | 3 Gdb, Leap, Enterprise Linux | 2024-11-21 | 7.8 High |
| GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet. | ||||
| CVE-2019-1010069 | 2 Debian, Moinejf | 2 Debian Linux, Abcm2ps | 2024-11-21 | 5.5 Medium |
| moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845eae. | ||||
| CVE-2019-1010060 | 1 Nasa | 1 Cfitsio | 2024-11-21 | N/A |
| NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43. NOTE: this CVE refers to the issues not covered by CVE-2018-3846, CVE-2018-3847, CVE-2018-3848, and CVE-2018-3849. One example is ftp_status in drvrnet.c mishandling a long string beginning with a '4' character. | ||||
| CVE-2019-1010022 | 1 Gnu | 1 Glibc | 2024-11-21 | N/A |
| GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. | ||||
| CVE-2019-0613 | 1 Microsoft | 10 .net Framework, Visual Studio 2017, Windows 10 and 7 more | 2024-11-21 | N/A |
| A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'. | ||||
| CVE-2019-0170 | 1 Intel | 1 Converged Security Management Engine Firmware | 2024-11-21 | N/A |
| Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-0153 | 1 Intel | 1 Converged Security Management Engine Firmware | 2024-11-21 | N/A |
| Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||||
| CVE-2019-0152 | 1 Intel | 260 Xeon Bronze 3104, Xeon Bronze 3104 Firmware, Xeon Bronze 3106 and 257 more | 2024-11-21 | 6.7 Medium |
| Insufficient memory protection in System Management Mode (SMM) and Intel(R) TXT for certain Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-0151 | 1 Intel | 888 Core I5-5300u, Core I5-5300u Firmware, Core I5-5350u and 885 more | 2024-11-21 | 6.7 Medium |
| Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-0119 | 1 Intel | 184 Hns2400lp, Hns2400lp Firmware, Hns2600bpb and 181 more | 2024-11-21 | N/A |
| Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. | ||||
| CVE-2019-0113 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. | ||||
| CVE-2018-9974 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-5895. | ||||
| CVE-2018-9949 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIFF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5473. | ||||
| CVE-2018-9947 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5472. | ||||
| CVE-2018-9533 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112766520 | ||||
| CVE-2018-9516 | 4 Canonical, Debian, Google and 1 more | 5 Ubuntu Linux, Debian Linux, Android and 2 more | 2024-11-21 | N/A |
| In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580. | ||||
| CVE-2018-9515 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111641492 References: N/A | ||||