Total
12745 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13221 | 2 Debian, Stb Vorbis Project | 2 Debian Linux, Stb Vorbis | 2024-11-21 | 7.8 High |
| A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | ||||
| CVE-2019-13217 | 2 Debian, Stb Vorbis Project | 2 Debian Linux, Stb Vorbis | 2024-11-21 | 7.8 High |
| A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | ||||
| CVE-2019-13207 | 1 Nlnetlabs | 1 Name Server Daemon | 2024-11-21 | N/A |
| nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c. | ||||
| CVE-2019-13193 | 1 Brother | 600 Ads-2400n, Ads-2400n Firmware, Ads-2800w and 597 more | 2024-11-21 | 8.8 High |
| Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device. | ||||
| CVE-2019-13192 | 1 Brother | 600 Ads-2400n, Ads-2400n Firmware, Ads-2800w and 597 more | 2024-11-21 | 9.8 Critical |
| Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly. This would allow an attacker to execute arbitrary code on the device. | ||||
| CVE-2019-13171 | 1 Xerox | 2 Phaser 3320, Phaser 3320 Firmware | 2024-11-21 | 9.8 Critical |
| Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly. | ||||
| CVE-2019-13156 | 1 Naver | 1 Cloud Explorer | 2024-11-21 | 7.5 High |
| NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle. | ||||
| CVE-2019-13132 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 9.8 Critical |
| In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations. | ||||
| CVE-2019-13115 | 5 Debian, F5, Fedoraproject and 2 more | 7 Debian Linux, Traffix Systems Signaling Delivery Controller, Fedora and 4 more | 2024-11-21 | 8.1 High |
| In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855. | ||||
| CVE-2019-13106 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-11-21 | 7.8 High |
| Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | ||||
| CVE-2019-13104 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-11-21 | 7.8 High |
| In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. | ||||
| CVE-2019-13085 | 1 Xnview | 1 Xnview | 2024-11-21 | N/A |
| XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000030ecfa. | ||||
| CVE-2019-13084 | 1 Xnview | 1 Xnview | 2024-11-21 | N/A |
| XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000026b739. | ||||
| CVE-2019-13083 | 1 Xnview | 1 Xnview | 2024-11-21 | N/A |
| XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000384e2a. | ||||
| CVE-2019-12951 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An issue was discovered in Mongoose before 6.15. The parse_mqtt() function in mg_mqtt.c has a critical heap-based buffer overflow. | ||||
| CVE-2019-12937 | 1 Toaruos Project | 1 Toaruos | 2024-11-21 | N/A |
| apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable. | ||||
| CVE-2019-12899 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | N/A |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at ntdll!RtlQueueWorkItem+0x00000000000005e3. | ||||
| CVE-2019-12898 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | N/A |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e. | ||||
| CVE-2019-12896 | 1 Edrawsoft | 1 Edraw Max | 2024-11-21 | N/A |
| Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a77. | ||||
| CVE-2019-12895 | 1 Alternate-tools | 1 Alternate Pic View | 2024-11-21 | N/A |
| In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d. | ||||