Search Results (14152 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17594 | 3 Gnu, Opensuse, Redhat | 3 Ncurses, Leap, Enterprise Linux | 2024-11-21 | 5.3 Medium |
| There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | ||||
| CVE-2019-17562 | 1 Apache | 1 Cloudstack | 2024-11-21 | 9.8 Critical |
| A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac parameter, v-router will process the command. For example: Normal: http://{GW}:10086/baremetal/provisiondone/{mac}, Abnormal: http://{GW}:10086/baremetal/provisiondone/#';whoami;#. Mitigation of this issue is an upgrade to Apache CloudStack 4.13.1.0 or beyond. | ||||
| CVE-2019-17455 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 9.8 Critical |
| Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. | ||||
| CVE-2019-17320 | 1 Netsarang | 1 Xftp | 2024-11-21 | 9.8 Critical |
| NetSarang XFTP Client 6.0149 and earlier versions contain a buffer overflow vulnerability caused by improper boundary checks when copying a file name from an attacker-controlled FTP server. This allows an attacker to execute arbitrary code by sending a crafted filename. | ||||
| CVE-2019-17135 | 1 Foxitsoftware | 1 Phantompdf | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8775. | ||||
| CVE-2019-17006 | 4 Mozilla, Netapp, Redhat and 1 more | 27 Network Security Services, Hci Compute Node, Hci Management Node and 24 more | 2024-11-21 | 9.8 Critical |
| In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow. | ||||
| CVE-2019-16707 | 3 Fedoraproject, Hunspell Project, Redhat | 3 Fedora, Hunspell, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. | ||||
| CVE-2019-16463 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-16460 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-16455 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-16446 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-16058 | 1 Opensc Project | 1 Opensc | 2024-11-21 | N/A |
| An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme. | ||||
| CVE-2019-15946 | 4 Debian, Fedoraproject, Opensc Project and 1 more | 4 Debian Linux, Fedora, Opensc and 1 more | 2024-11-21 | 6.4 Medium |
| OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. | ||||
| CVE-2019-15945 | 4 Debian, Fedoraproject, Opensc Project and 1 more | 4 Debian Linux, Fedora, Opensc and 1 more | 2024-11-21 | 6.4 Medium |
| OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. | ||||
| CVE-2019-15880 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 9.8 Critical |
| In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic. | ||||
| CVE-2019-15846 | 2 Debian, Exim | 2 Debian Linux, Exim | 2024-11-21 | N/A |
| Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. | ||||
| CVE-2019-15786 | 1 Robotis | 1 Dynamixel Sdk | 2024-11-21 | N/A |
| ROBOTIS Dynamixel SDK through 3.7.11 has a buffer overflow via a large rxpacket. | ||||
| CVE-2019-15785 | 1 Fontforge | 1 Fontforge | 2024-11-21 | N/A |
| FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c. | ||||
| CVE-2019-15783 | 1 Lute-tab Project | 1 Lute-tab | 2024-11-21 | N/A |
| Lute-Tab before 2019-08-23 has a buffer overflow in pdf_print.cc. | ||||
| CVE-2019-15548 | 1 Ncurses Project | 1 Ncurses | 2024-11-21 | N/A |
| An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled. | ||||