Total
12747 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-17012 | 4 Canonical, Mozilla, Opensuse and 1 more | 7 Ubuntu Linux, Firefox, Firefox Esr and 4 more | 2024-11-21 | 8.8 High |
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | ||||
CVE-2019-17005 | 4 Canonical, Mozilla, Opensuse and 1 more | 7 Ubuntu Linux, Firefox, Firefox Esr and 4 more | 2024-11-21 | 8.8 High |
The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | ||||
CVE-2019-16927 | 1 Glyphandcog | 1 Xpdf | 2024-11-21 | 5.5 Medium |
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. | ||||
CVE-2019-16747 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | 7.5 High |
In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-14431. | ||||
CVE-2019-16736 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | ||||
CVE-2019-16735 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | ||||
CVE-2019-16470 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.8 High |
Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2019-16454 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
CVE-2019-16451 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
CVE-2019-16450 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
CVE-2019-16395 | 1 Gnucobol Project | 1 Gnucobol | 2024-11-21 | 7.8 High |
GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code. | ||||
CVE-2019-16366 | 1 Moddable | 2 Moddable, Xs | 2024-11-21 | 9.8 Critical |
In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst. | ||||
CVE-2019-16352 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 6.5 Medium |
ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. | ||||
CVE-2019-16347 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 8.8 High |
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | ||||
CVE-2019-16346 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 8.8 High |
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | ||||
CVE-2019-16294 | 2 Notepad-plus-plus, Scintilla | 2 Notepad\+\+, Scintilla | 2024-11-21 | 7.8 High |
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file. | ||||
CVE-2019-16277 | 1 Picoc Project | 1 Picoc | 2024-11-21 | 7.8 High |
PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c. | ||||
CVE-2019-16265 | 1 Codesys | 2 Codesys, Eni Server | 2024-11-21 | 9.8 Critical |
CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. | ||||
CVE-2019-16227 | 1 Py-lmdb Project | 1 Py-lmdb | 2024-11-21 | 9.8 Critical |
An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. | ||||
CVE-2019-16226 | 1 Py-lmdb Project | 1 Py-lmdb | 2024-11-21 | 7.5 High |
An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. |