Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17320 | 1 Netsarang | 1 Xftp | 2024-11-21 | 9.8 Critical |
| NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename. | ||||
| CVE-2019-17135 | 1 Foxitsoftware | 1 Phantompdf | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8775. | ||||
| CVE-2019-17006 | 4 Mozilla, Netapp, Redhat and 1 more | 27 Network Security Services, Hci Compute Node, Hci Management Node and 24 more | 2024-11-21 | 9.8 Critical |
| In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow. | ||||
| CVE-2019-16707 | 3 Fedoraproject, Hunspell Project, Redhat | 3 Fedora, Hunspell, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. | ||||
| CVE-2019-16463 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-16460 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-16455 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-16446 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-16058 | 1 Opensc Project | 1 Opensc | 2024-11-21 | N/A |
| An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme. | ||||
| CVE-2019-15946 | 4 Debian, Fedoraproject, Opensc Project and 1 more | 4 Debian Linux, Fedora, Opensc and 1 more | 2024-11-21 | 6.4 Medium |
| OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. | ||||
| CVE-2019-15945 | 4 Debian, Fedoraproject, Opensc Project and 1 more | 4 Debian Linux, Fedora, Opensc and 1 more | 2024-11-21 | 6.4 Medium |
| OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. | ||||
| CVE-2019-15880 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 9.8 Critical |
| In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic. | ||||
| CVE-2019-15846 | 2 Debian, Exim | 2 Debian Linux, Exim | 2024-11-21 | N/A |
| Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. | ||||
| CVE-2019-15786 | 1 Robotis | 1 Dynamixel Sdk | 2024-11-21 | N/A |
| ROBOTIS Dynamixel SDK through 3.7.11 has a buffer overflow via a large rxpacket. | ||||
| CVE-2019-15785 | 1 Fontforge | 1 Fontforge | 2024-11-21 | N/A |
| FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c. | ||||
| CVE-2019-15783 | 1 Lute-tab Project | 1 Lute-tab | 2024-11-21 | N/A |
| Lute-Tab before 2019-08-23 has a buffer overflow in pdf_print.cc. | ||||
| CVE-2019-15548 | 1 Ncurses Project | 1 Ncurses | 2024-11-21 | N/A |
| An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled. | ||||
| CVE-2019-15296 | 2 Audiocoding, Debian | 2 Freeware Advanced Audio Decoder 2, Debian Linux | 2024-11-21 | N/A |
| An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - words*4 is negative, a buffer overflow is later performed via getdword_n(&ld->start[words], ld->bytes_left). | ||||
| CVE-2019-15292 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 4.7 Medium |
| An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c. | ||||
| CVE-2019-15291 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver. | ||||