Total
6778 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13698 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-13602 | 4 Canonical, Debian, Opensuse and 1 more | 5 Ubuntu Linux, Debian Linux, Backports Sle and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. | |||||
| CVE-2019-13568 | 1 Cimg | 1 Cimg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. | |||||
| CVE-2019-13556 | 1 Advantech | 1 Webaccess | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution. | |||||
| CVE-2019-13545 | 1 Hornerautomation | 1 Cscape | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution. | |||||
| CVE-2019-13544 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution. | |||||
| CVE-2019-13541 | 1 Hornerautomation | 1 Cscape | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processing files lacking user input validation. This may allow an attacker to access information and remotely execute arbitrary code. | |||||
| CVE-2019-13540 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2019-13537 | 1 Aveva | 2 Iec870ip, Iec870ip Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The IEC870IP driver for AVEVA’s Vijeo Citect and Citect SCADA and Schneider Electric’s Power SCADA Operation has a buffer overflow vulnerability that could result in a server-side crash. | |||||
| CVE-2019-13536 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2019-13522 | 1 Ezautomation | 1 Ez Plc Editor | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior. | |||||
| CVE-2019-13520 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application. | |||||
| CVE-2019-13494 | 1 Castlerock | 1 Simple Network Management Protocol Console | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long variable string in a Map Objects text file. | |||||
| CVE-2019-13362 | 1 Codedoc Project | 1 Codedoc | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Codedoc v3.2 has a stack-based buffer overflow in add_variable in codedoc.c, related to codedoc_strlcpy. | |||||
| CVE-2019-13334 | 1 Foxitsoftware | 1 Phantompdf | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8774. | |||||
| CVE-2019-13333 | 1 Foxitsoftware | 1 Phantompdf | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8773. | |||||
| CVE-2019-13323 | 2 Foxitsoftware, Microsoft | 2 Foxit Studio Photo, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8783. | |||||
| CVE-2019-13308 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. | |||||
| CVE-2019-13307 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. | |||||
| CVE-2019-13306 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. | |||||