ReportizFlow
Filtered by vendor
Subscriptions
Total
13243 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25038 | 3 Debian, Nlnetlabs, Redhat | 4 Debian Linux, Unbound, Enterprise Linux and 1 more | 2024-11-21 | 9.8 Critical |
| Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
| CVE-2019-25036 | 3 Debian, Nlnetlabs, Redhat | 4 Debian Linux, Unbound, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
| CVE-2019-25035 | 3 Debian, Nlnetlabs, Redhat | 4 Debian Linux, Unbound, Enterprise Linux and 1 more | 2024-11-21 | 9.8 Critical |
| Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
| CVE-2019-25034 | 3 Debian, Nlnetlabs, Redhat | 4 Debian Linux, Unbound, Enterprise Linux and 1 more | 2024-11-21 | 9.8 Critical |
| Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited | ||||
| CVE-2019-25001 | 1 Serde Cbor Project | 1 Serde Cbor | 2024-11-21 | 7.5 High |
| An issue was discovered in the serde_cbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags. | ||||
| CVE-2019-20912 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
| An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF. | ||||
| CVE-2019-20840 | 5 Canonical, Debian, Libvnc Project and 2 more | 16 Ubuntu Linux, Debian Linux, Libvncserver and 13 more | 2024-11-21 | 7.5 High |
| An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. | ||||
| CVE-2019-20830 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used. | ||||
| CVE-2019-20827 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space. | ||||
| CVE-2019-20825 | 1 Foxitsoftware | 1 Phantompdf | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an out-of-bounds write when Internet Explorer is used. | ||||
| CVE-2019-20822 | 2 Foxitsoftware, Microsoft | 2 3d, Windows | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.7.0.29430. It has an out-of-bounds write via incorrect image data. | ||||
| CVE-2019-20800 | 1 Cherokee-project | 1 Cherokee | 2024-11-21 | 9.8 Critical |
| In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers. | ||||
| CVE-2019-20799 | 1 Cherokee-project | 1 Cherokee | 2024-11-21 | 7.5 High |
| In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server. | ||||
| CVE-2019-20797 | 1 Prboom-plus Project | 1 Prboom-plus | 2024-11-21 | 7.5 High |
| An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c. | ||||
| CVE-2019-20791 | 1 Google | 1 Openthread | 2024-11-21 | 9.8 Critical |
| OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc. | ||||
| CVE-2019-20788 | 5 Canonical, Debian, Libvnc Project and 2 more | 17 Ubuntu Linux, Debian Linux, Libvncserver and 14 more | 2024-11-21 | 9.8 Critical |
| libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690. | ||||
| CVE-2019-20767 | 1 Netgear | 20 D3600, D3600 Firmware, D6000 and 17 more | 2024-11-21 | 7.2 High |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, D3600 before 1.0.0.75, D6000 before 1.0.0.75, R9000 before 1.0.4.26, R8900 before 1.0.4.26, R7800 before 1.0.2.52, WNDR4500v3 before 1.0.0.58, WNDR4300v2 before 1.0.0.58, WNDR4300 before 1.0.2.104, WNDR3700v4 before 1.0.2.102, and WNR2000v5 before 1.0.0.66. | ||||
| CVE-2019-20766 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-11-21 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user. | ||||
| CVE-2019-20765 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-11-21 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user. | ||||
| CVE-2019-20764 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-11-21 | 6.8 Medium |
| NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user. | ||||