Export limit exceeded: 336422 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20549 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20549 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13617 | 1 F5 | 1 Njs | 2024-11-21 | N/A |
| njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call. | ||||
| CVE-2019-13616 | 6 Canonical, Debian, Fedoraproject and 3 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2024-11-21 | 8.1 High |
| SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | ||||
| CVE-2019-13615 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | N/A |
| libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement. | ||||
| CVE-2019-13566 | 1 Ros | 1 Ros-comm | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname. | ||||
| CVE-2019-13556 | 1 Advantech | 1 Webaccess | 2024-11-21 | 8.8 High |
| In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | ||||
| CVE-2019-13548 | 1 Codesys | 13 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 10 more | 2024-11-21 | 9.8 Critical |
| CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution. | ||||
| CVE-2019-13540 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2019-13537 | 1 Aveva | 2 Iec870ip, Iec870ip Firmware | 2024-11-21 | 7.5 High |
| The IEC870IP driver for AVEVA’s Vijeo Citect and Citect SCADA and Schneider Electric’s Power SCADA Operation has a buffer overflow vulnerability that could result in a server-side crash. | ||||
| CVE-2019-13536 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2019-13520 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2024-11-21 | 7.8 High |
| Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application. | ||||
| CVE-2019-13518 | 1 Ezautomation | 1 Ez Touch Editor | 2024-11-21 | N/A |
| An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior. | ||||
| CVE-2019-13513 | 1 Deltaww | 1 Delta Industrial Automation Dopsoft | 2024-11-21 | 7.8 High |
| In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application. | ||||
| CVE-2019-13512 | 1 Fujielectric | 1 Frenic Loader | 2024-11-21 | 3.3 Low |
| Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device. | ||||
| CVE-2019-13504 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2024-11-21 | 6.5 Medium |
| There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. | ||||
| CVE-2019-13503 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 7.5 High |
| mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read. | ||||
| CVE-2019-13470 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | N/A |
| MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling. | ||||
| CVE-2019-13418 | 1 Search-guard | 1 Search Guard | 2024-11-21 | 7.5 High |
| Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized. | ||||
| CVE-2019-13391 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. | ||||
| CVE-2019-13331 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8838. | ||||
| CVE-2019-13326 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8864. | ||||