Total
10982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17013 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 71. | |||||
| CVE-2019-17012 | 3 Canonical, Mozilla, Opensuse | 5 Ubuntu Linux, Firefox, Firefox Esr and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | |||||
| CVE-2019-17005 | 3 Canonical, Mozilla, Opensuse | 5 Ubuntu Linux, Firefox, Firefox Esr and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | |||||
| CVE-2019-16928 | 4 Canonical, Debian, Exim and 1 more | 4 Ubuntu Linux, Debian Linux, Exim and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. | |||||
| CVE-2019-16927 | 1 Glyphandcog | 1 Xpdf | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. | |||||
| CVE-2019-16747 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-14431. | |||||
| CVE-2019-16736 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | |||||
| CVE-2019-16735 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | |||||
| CVE-2019-16535 | 1 Yandex | 1 Clickhouse | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol. | |||||
| CVE-2019-16470 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-16454 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-16451 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-16450 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-16395 | 1 Gnucobol Project | 1 Gnucobol | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code. | |||||
| CVE-2019-16366 | 1 Moddable | 2 Moddable, Xs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst. | |||||
| CVE-2019-16352 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. | |||||
| CVE-2019-16347 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | |||||
| CVE-2019-16346 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | |||||
| CVE-2019-16294 | 2 Notepad-plus-plus, Scintilla | 2 Notepad\+\+, Scintilla | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file. | |||||
| CVE-2019-16277 | 1 Picoc Project | 1 Picoc | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c. | |||||