Total
10975 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13083 | 1 Xnview | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000384e2a. | |||||
| CVE-2019-12951 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mongoose before 6.15. The parse_mqtt() function in mg_mqtt.c has a critical heap-based buffer overflow. | |||||
| CVE-2019-12937 | 1 Toaruos Project | 1 Toaruos | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable. | |||||
| CVE-2019-12900 | 6 Bzip, Canonical, Debian and 3 more | 6 Bzip2, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | |||||
| CVE-2019-12899 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at ntdll!RtlQueueWorkItem+0x00000000000005e3. | |||||
| CVE-2019-12898 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e. | |||||
| CVE-2019-12896 | 1 Edrawsoft | 1 Edraw Max | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a77. | |||||
| CVE-2019-12895 | 1 Alternate-tools | 1 Alternate Pic View | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d. | |||||
| CVE-2019-12893 | 1 Alternate-tools | 1 Alternate Pic View | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewer!PerfgrapFinalize+0x00000000000a8868. | |||||
| CVE-2019-12835 | 1 Leanify Project | 1 Leanify | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping. | |||||
| CVE-2019-12829 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| radare2 through 3.5.1 mishandles the RParse API, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, as demonstrated by newstr buffer overflows during replace operations. This affects libr/asm/asm.c and libr/parse/parse.c. | |||||
| CVE-2019-12827 | 1 Digium | 2 Asterisk, Certified Asterisk | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message. | |||||
| CVE-2019-12817 | 6 Canonical, Debian, Fedoraproject and 3 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected. | |||||
| CVE-2019-12810 | 2 Estsoft, Microsoft | 2 Alsee, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in the .PSD parsing functionality of ALSee v5.3 ~ v8.39. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in code execution. By persuading a victim to open a specially-crafted .PSD file, an attacker could execute arbitrary code. | |||||
| CVE-2019-12807 | 2 Estsoft, Microsoft | 2 Alzip, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code. | |||||
| CVE-2019-12806 | 2 Crosscert, Microsoft | 2 Unisign, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| UniSign 2.0.4.0 and earlier version contains a stack-based buffer overflow vulnerability which can overwrite the stack with arbitrary data, due to a buffer overflow in a library. That leads remote attacker to execute arbitrary code via crafted https packets. | |||||
| CVE-2019-12788 | 1 Photodex | 1 Proshow Producer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Photodex ProShow Producer v9.0.3797 (an application that runs with Administrator privileges). It is possible to perform a buffer overflow via a crafted file. | |||||
| CVE-2019-12568 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567. | |||||
| CVE-2019-12567 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568. | |||||
| CVE-2019-12553 | 1 Sweetscape | 1 010 Editor | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution. | |||||