Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-20094 | 1 Libsixel Project | 1 Libsixel | 2020-01-03 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c. | |||||
| CVE-2019-19814 | 1 Linux | 1 Linux Kernel | 2020-01-03 | 9.3 HIGH | 7.8 HIGH |
| In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this. | |||||
| CVE-2019-19378 | 1 Linux | 1 Linux Kernel | 2020-01-03 | 6.8 MEDIUM | 7.8 HIGH |
| In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c. | |||||
| CVE-2019-20024 | 1 Libsixel Project | 1 Libsixel | 2020-01-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. | |||||
| CVE-2019-14612 | 1 Intel | 38 Cd1iv128mk, Cd1iv128mk Firmware, Cd1m3128mk and 35 more | 2020-01-02 | 4.6 MEDIUM | 6.7 MEDIUM |
| Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-20160 | 1 Gpac | 1 Gpac | 2020-01-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group() in media_tools/av_parsers.c. | |||||
| CVE-2019-13581 | 1 Marvell | 2 88w8688, 88w8688 Firmware | 2020-01-02 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary code via malformed Wi-Fi packets. | |||||
| CVE-2019-7482 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2019-12-31 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | |||||
| CVE-2015-8782 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2019-12-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781. | |||||
| CVE-2015-8781 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2019-12-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782. | |||||
| CVE-2016-9453 | 3 Debian, Libtiff, Opensuse | 3 Debian Linux, Libtiff, Opensuse | 2019-12-31 | 6.8 MEDIUM | 7.8 HIGH |
| The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one. | |||||
| CVE-2015-8784 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2019-12-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif. | |||||
| CVE-2019-5275 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2019-12-31 | 5.0 MEDIUM | 7.5 HIGH |
| USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products. | |||||
| CVE-2019-19931 | 1 Mz-automation | 1 Libiec61850 | 2019-12-30 | 6.8 MEDIUM | 8.8 HIGH |
| In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. | |||||
| CVE-2019-8529 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-12-30 | 7.2 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2012-4980 | 1 Toshiba | 1 Configfree Utility | 2019-12-30 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. | |||||
| CVE-2019-5079 | 1 Wago | 4 Pfc 100, Pfc 100 Firmware, Pfc 200 and 1 more | 2019-12-27 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. | |||||
| CVE-2019-10525 | 1 Qualcomm | 104 Apq8009, Apq8009 Firmware, Apq8017 and 101 more | 2019-12-23 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | |||||
| CVE-2019-8604 | 1 Apple | 1 Mac Os X | 2019-12-20 | 7.2 HIGH | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-8697 | 1 Apple | 1 Mac Os X | 2019-12-20 | 7.2 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. | |||||