Total
2592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17518 | 1 Dialog-semiconductor | 5 Da14680, Da14681, Da14682 and 2 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 1.0.14.1081 for DA1468x devices responds to link layer packets with a payload length larger than expected, allowing attackers in radio range to cause a buffer overflow via a crafted packet. This affects, for example, August Smart Lock. | |||||
| CVE-2019-17517 | 1 Dialog-semiconductor | 5 Da14580, Da14581, Da14582 and 2 more | 2024-11-21 | 6.1 MEDIUM | 5.7 MEDIUM |
| The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet. | |||||
| CVE-2019-17415 | 1 Upredsun | 1 File Sharing Wizard | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331. | |||||
| CVE-2019-17402 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. | |||||
| CVE-2019-17320 | 1 Netsarang | 1 Xftp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename. | |||||
| CVE-2019-17247 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8. | |||||
| CVE-2019-17244 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a. | |||||
| CVE-2019-17243 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155. | |||||
| CVE-2019-17181 | 1 Intrasrv Project | 1 Intrasrv | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system. | |||||
| CVE-2019-17147 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457. | |||||
| CVE-2019-17133 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | |||||
| CVE-2019-17113 | 1 Openmpt | 1 Libopenmpt | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow. | |||||
| CVE-2019-17061 | 1 Cypress | 2 Psoc 4, Psoc 4 Ble | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. | |||||
| CVE-2019-17060 | 1 Nxp | 9 Kw31z, Kw34, Kw35 and 6 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. | |||||
| CVE-2019-16887 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc. | |||||
| CVE-2019-16746 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | |||||
| CVE-2019-16724 | 1 Upredsun | 1 File Sharing Wizard | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331. | |||||
| CVE-2019-16702 | 1 Integard Pro Project | 1 Integard Pro | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI. | |||||
| CVE-2019-16336 | 1 Cypress | 2 Cybl11573, Cyble-416045 | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers (in radio range) to cause a denial of service (crash) via a crafted BLE Link Layer frame. | |||||
| CVE-2019-16240 | 1 Hp | 88 Officejet Pro 8210 D9l63a, Officejet Pro 8210 D9l63a Firmware, Officejet Pro 8210 D9l64a and 85 more | 2024-11-21 | 5.8 MEDIUM | 9.1 CRITICAL |
| A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device. | |||||