Total
3106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18960 | 1 Amazon | 1 Firecracker | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes. | |||||
| CVE-2019-18931 | 1 Western Digital | 2 My Cloud Ex2 Ultra, My Cloud Ex2 Ultra Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters. | |||||
| CVE-2019-18858 | 1 Codesys | 14 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 11 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. | |||||
| CVE-2019-18397 | 2 Debian, Gnu | 2 Debian Linux, Fribidi | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat. | |||||
| CVE-2019-17666 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | |||||
| CVE-2019-17520 | 1 Ti | 2 Cc2640r2, Cc2640r2 Software Development Kit | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Low Energy implementation on Texas Instruments SDK through 3.30.00.20 for CC2640R2 devices does not properly restrict the SM Public Key packet on reception, allowing attackers in radio range to cause a denial of service (crash) via crafted packets. | |||||
| CVE-2019-17519 | 1 Nxp | 9 Kw31z, Kw34, Kw35 and 6 more | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet. | |||||
| CVE-2019-17518 | 1 Dialog-semiconductor | 5 Da14680, Da14681, Da14682 and 2 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 1.0.14.1081 for DA1468x devices responds to link layer packets with a payload length larger than expected, allowing attackers in radio range to cause a buffer overflow via a crafted packet. This affects, for example, August Smart Lock. | |||||
| CVE-2019-17517 | 1 Dialog-semiconductor | 5 Da14580, Da14581, Da14582 and 2 more | 2024-11-21 | 6.1 MEDIUM | 5.7 MEDIUM |
| The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet. | |||||
| CVE-2019-17415 | 1 Upredsun | 1 File Sharing Wizard | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331. | |||||
| CVE-2019-17402 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. | |||||
| CVE-2019-17320 | 1 Netsarang | 1 Xftp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename. | |||||
| CVE-2019-17247 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8. | |||||
| CVE-2019-17244 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a. | |||||
| CVE-2019-17243 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155. | |||||
| CVE-2019-17181 | 1 Intrasrv Project | 1 Intrasrv | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system. | |||||
| CVE-2019-17147 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457. | |||||
| CVE-2019-17133 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | |||||
| CVE-2019-17113 | 1 Openmpt | 1 Libopenmpt | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow. | |||||
| CVE-2019-17061 | 1 Cypress | 2 Psoc 4, Psoc 4 Ble | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. | |||||