Total
6585 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-20630 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BS_ReadByte (called from gf_bs_read_bit) in utils/bitstream.c that can cause a denial of service via a crafted MP4 file. | |||||
| CVE-2019-20629 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file. | |||||
| CVE-2019-20549 | 2 Broadcom, Google | 11 Bcm43162, Bcm43224, Bcm4323 and 8 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. A heap out-of-bounds access can occur during LE Packet reception in Broadcom Bluetooth. The Samsung ID is SVE-2019-15724 (November 2019). | |||||
| CVE-2019-20540 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a buffer over-read and possible information leak in the core touch screen driver. The Samsung ID is SVE-2019-14942 (November 2019). | |||||
| CVE-2019-20539 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. An out-of-bounds Read in the Wi-Fi vendor command leads to an information leak. The Samsung ID is SVE-2019-14869 (November 2019). | |||||
| CVE-2019-20531 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The Wi-Fi kernel drivers have an out-of-bounds Read. The Samsung IDs are SVE-2019-15692, SVE-2019-15693 (December 2019). | |||||
| CVE-2019-20503 | 3 Canonical, Debian, Usrsctp Project | 3 Ubuntu Linux, Debian Linux, Usrsctp | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. | |||||
| CVE-2019-20454 | 3 Fedoraproject, Pcre, Splunk | 3 Fedora, Pcre2, Universal Forwarder | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c. | |||||
| CVE-2019-20433 | 1 Gnu | 1 Aspell | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable. | |||||
| CVE-2019-20429 | 1 Lustre | 1 Lustre | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpc_svc_unwrap_request and lustre_msg_hdr_size_v2. | |||||
| CVE-2019-20428 | 1 Lustre | 1 Lustre | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter. | |||||
| CVE-2019-20387 | 2 Debian, Opensuse | 2 Debian Linux, Libsolv | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema. | |||||
| CVE-2019-20367 | 4 Canonical, Debian, Freedesktop and 1 more | 4 Ubuntu Linux, Debian Linux, Libbsd and 1 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). | |||||
| CVE-2019-20352 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c. | |||||
| CVE-2019-20219 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. | |||||
| CVE-2019-20200 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature. | |||||
| CVE-2019-20199 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen() on a NULL pointer. | |||||
| CVE-2019-20089 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for the size calculation. | |||||
| CVE-2019-20088 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMF_mp4reader.c. | |||||
| CVE-2019-20087 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for the "matching tags" feature. | |||||