Total
7175 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13626 | 4 Debian, Fedoraproject, Libsdl and 1 more | 4 Debian Linux, Fedora, Libsdl and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. | |||||
| CVE-2019-13618 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c. | |||||
| CVE-2019-13617 | 1 F5 | 1 Njs | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call. | |||||
| CVE-2019-13616 | 6 Canonical, Debian, Fedoraproject and 3 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | |||||
| CVE-2019-13615 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement. | |||||
| CVE-2019-13513 | 1 Deltaww | 1 Delta Industrial Automation Dopsoft | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application. | |||||
| CVE-2019-13512 | 1 Fujielectric | 1 Frenic Loader | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device. | |||||
| CVE-2019-13504 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. | |||||
| CVE-2019-13503 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read. | |||||
| CVE-2019-13470 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling. | |||||
| CVE-2019-13391 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. | |||||
| CVE-2019-13331 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8838. | |||||
| CVE-2019-13326 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8864. | |||||
| CVE-2019-13325 | 2 Foxitsoftware, Microsoft | 2 Foxit Studio Photo, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8922. | |||||
| CVE-2019-13324 | 2 Foxitsoftware, Microsoft | 2 Foxit Studio Photo, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TIFF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8782. | |||||
| CVE-2019-13312 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read. | |||||
| CVE-2019-13303 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage. | |||||
| CVE-2019-13302 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages. | |||||
| CVE-2019-13299 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel. | |||||
| CVE-2019-13297 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. | |||||