Vulnerabilities (CVE)

Filtered by CWE-119
Total 11607 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16585 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-08-05 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193)
CVE-2018-14047 1 Pngwriter Project 1 Pngwriter 2024-08-05 4.3 MEDIUM 5.5 MEDIUM
An issue has been found in PNGwriter 0.7.0. It is a SEGV in pngwriter::readfromfile in pngwriter.cc. NOTE: there is a "Warning: PNGwriter was never designed for reading untrusted files with it. Do NOT use this in sensitive environments, especially DO NOT read PNGs from unknown sources with it!" statement in the master/README.md file
CVE-2018-12422 1 Gnome 1 Evolution 2024-08-05 7.5 HIGH 9.8 CRITICAL
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because "the code had computed the required string length first, and then allocated a large-enough buffer on the heap.
CVE-2019-1010022 1 Gnu 1 Glibc 2024-08-05 7.5 HIGH 9.8 CRITICAL
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
CVE-2019-9675 3 Canonical, Opensuse, Php 3 Ubuntu Linux, Leap, Php 2024-08-04 6.8 MEDIUM 8.1 HIGH
An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible.
CVE-2022-35911 1 Patlite 4 Nhl-fb2, Nhl-fb2 Firmware, Nhp-fb2 and 1 more 2024-08-03 N/A 7.5 HIGH
On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced.
CVE-2022-4603 1 Samba 1 Ppp 2024-08-03 N/A 6.5 MEDIUM
A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario.
CVE-2023-39615 1 Xmlsoft 1 Libxml2 2024-08-02 N/A 6.5 MEDIUM
Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
CVE-2024-22080 2024-08-02 N/A 9.8 CRITICAL
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur during XML body parsing.
CVE-2023-4234 2024-08-02 N/A 8.1 HIGH
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_submit_report().
CVE-1999-0069 1 Sun 1 Sunos 2024-08-01 7.2 HIGH 8.4 HIGH
Solaris ufsrestore buffer overflow.
CVE-1999-1588 1 Sun 1 Solaris 2024-08-01 10.0 HIGH 9.8 CRITICAL
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
CVE-2024-6236 2024-08-01 N/A N/A
Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX
CVE-2024-37676 2024-08-01 N/A 8.4 HIGH
An issue in htop-dev htop v.2.20 allows a local attacker to cause an out-of-bounds access in the Header_populateFromSettings function.
CVE-2024-36434 2024-08-01 N/A 7.5 HIGH
An SMM callout vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4.
CVE-2024-36433 2024-08-01 N/A 7.5 HIGH
An arbitrary memory write vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4.
CVE-2021-33742 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-07-29 6.8 MEDIUM 7.5 HIGH
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-33771 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-07-26 7.2 HIGH 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-31979 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-07-26 7.2 HIGH 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-1023 2024-07-25 N/A 6.5 MEDIUM
A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak.