Total
7175 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15550 | 1 Simdjson Project | 1 Simdjson | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary. | |||||
| CVE-2019-15531 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Libextractor | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. | |||||
| CVE-2019-15505 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). | |||||
| CVE-2019-15167 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | N/A | 9.1 CRITICAL |
| The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. | |||||
| CVE-2019-15147 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c. | |||||
| CVE-2019-15146 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c. | |||||
| CVE-2019-15145 | 5 Canonical, Debian, Djvulibre Project and 2 more | 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h. | |||||
| CVE-2019-15142 | 5 Canonical, Debian, Djvulibre Project and 2 more | 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file. | |||||
| CVE-2019-15141 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. | |||||
| CVE-2019-15139 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. | |||||
| CVE-2019-15090 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read. | |||||
| CVE-2019-15058 | 1 Stb Project | 1 Stb | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service. | |||||
| CVE-2019-15050 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp. | |||||
| CVE-2019-15049 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp. | |||||
| CVE-2019-15047 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp. | |||||
| CVE-2019-15026 | 1 Memcached | 1 Memcached | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. | |||||
| CVE-2019-14975 | 1 Artifex | 1 Mupdf | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. | |||||
| CVE-2019-14906 | 2 Libsdl, Redhat | 2 Simple Directmedia Layer, Enterprise Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the application crash or execute code. | |||||
| CVE-2019-14776 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | |||||
| CVE-2019-14574 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. | |||||