Vulnerabilities (CVE)

Filtered by CWE-119
Total 12110 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-16869 1 Upx Project 1 Upx 2024-08-05 6.8 MEDIUM 7.8 HIGH
** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack functions. NOTE: the vendor has stated "there is no security implication whatsoever."
CVE-2017-16231 1 Pcre 1 Pcre 2024-08-05 2.1 LOW 5.5 MEDIUM
** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.
CVE-2017-9614 1 D.r.commander 1 Libjpeg-turbo 2024-08-05 6.8 MEDIUM 8.8 HIGH
The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file.
CVE-2017-7961 1 Gnome 1 Libcroco 2024-08-05 6.8 MEDIUM 7.8 HIGH
** DISPUTED ** The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file. NOTE: third-party analysis reports "This is not a security issue in my view. The conversion surely is truncating the double into a long value, but there is no impact as the value is one of the RGB components."
CVE-2018-20534 2 Canonical, Opensuse 2 Ubuntu Linux, Libsolv 2024-08-05 4.3 MEDIUM 6.5 MEDIUM
** DISPUTED ** There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application.
CVE-2018-19183 1 Ethereumjs-vm Project 1 Ethereumjs-vm 2024-08-05 5.0 MEDIUM 7.5 HIGH
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic execution result.
CVE-2018-19130 1 Libav 1 Libav 2024-08-05 4.3 MEDIUM 6.5 MEDIUM
** DISPUTED ** In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127.
CVE-2018-16585 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-08-05 6.8 MEDIUM 7.8 HIGH
** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193).
CVE-2018-14047 1 Pngwriter Project 1 Pngwriter 2024-08-05 4.3 MEDIUM 5.5 MEDIUM
** DISPUTED ** An issue has been found in PNGwriter 0.7.0. It is a SEGV in pngwriter::readfromfile in pngwriter.cc. NOTE: there is a "Warning: PNGwriter was never designed for reading untrusted files with it. Do NOT use this in sensitive environments, especially DO NOT read PNGs from unknown sources with it!" statement in the master/README.md file.
CVE-2018-12422 1 Gnome 1 Evolution 2024-08-05 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because "the code had computed the required string length first, and then allocated a large-enough buffer on the heap."
CVE-2019-1010022 1 Gnu 1 Glibc 2024-08-05 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."
CVE-2019-9675 3 Canonical, Opensuse, Php 3 Ubuntu Linux, Leap, Php 2024-08-04 6.8 MEDIUM 8.1 HIGH
** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible."
CVE-2022-35911 1 Patlite 4 Nhl-fb2, Nhl-fb2 Firmware, Nhp-fb2 and 1 more 2024-08-03 N/A 7.5 HIGH
** DISPUTED ** On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced."
CVE-2022-4603 1 Samba 1 Ppp 2024-08-03 N/A 6.5 MEDIUM
A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario.
CVE-2023-39615 1 Xmlsoft 1 Libxml2 2024-08-02 N/A 6.5 MEDIUM
Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
CVE-2024-22080 2024-08-02 N/A 9.8 CRITICAL
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur during XML body parsing.
CVE-2023-4234 2024-08-02 N/A 8.1 HIGH
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_submit_report().
CVE-1999-0069 1 Sun 1 Sunos 2024-08-01 7.2 HIGH 8.4 HIGH
Solaris ufsrestore buffer overflow.
CVE-1999-1588 1 Sun 1 Solaris 2024-08-01 10.0 HIGH 9.8 CRITICAL
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
CVE-2024-6236 2024-08-01 N/A N/A
Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX