Export limit exceeded: 45226 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45226 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16254 | 3 Debian, Redhat, Ruby-lang | 6 Debian Linux, Enterprise Linux, Rhel E4s and 3 more | 2024-11-21 | 5.3 Medium |
| Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF. | ||||
| CVE-2019-16249 | 1 Opencv | 1 Opencv | 2024-11-21 | 5.3 Medium |
| OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp. | ||||
| CVE-2019-16240 | 1 Hp | 88 Officejet Pro 8210 D9l63a, Officejet Pro 8210 D9l63a Firmware, Officejet Pro 8210 D9l64a and 85 more | 2024-11-21 | 9.1 Critical |
| A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device. | ||||
| CVE-2019-16239 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 9.8 Critical |
| process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. | ||||
| CVE-2019-16215 | 1 Zulip | 1 Zulip Server | 2024-11-21 | 6.5 Medium |
| The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages. | ||||
| CVE-2019-16184 | 1 Limesurvey | 1 Limesurvey | 2024-11-21 | 9.8 Critical |
| A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey participants to inject commands via their survey responses that will be included in the export CSV file. | ||||
| CVE-2019-16175 | 1 Limesurvey | 1 Limesurvey | 2024-11-21 | 4.3 Medium |
| A clickjacking vulnerability was found in Limesurvey before 3.17.14. | ||||
| CVE-2019-16167 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-11-21 | 5.5 Medium |
| sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. | ||||
| CVE-2019-16166 | 1 Gnu | 1 Cflow | 2024-11-21 | 6.5 Medium |
| GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. | ||||
| CVE-2019-16163 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 7.5 High |
| Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. | ||||
| CVE-2019-16162 | 1 K-takata | 1 Onigmo | 2024-11-21 | 7.5 High |
| Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c. | ||||
| CVE-2019-16160 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 7.5 High |
| An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service. | ||||
| CVE-2019-16139 | 1 Compact Arena Project | 1 Compact Arena | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read. | ||||
| CVE-2019-16129 | 1 Microchip | 1 Cryptoauthlib | 2024-11-21 | 6.8 Medium |
| Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2). | ||||
| CVE-2019-16128 | 1 Microchip | 1 Cryptoauthlib | 2024-11-21 | 6.8 Medium |
| Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2). | ||||
| CVE-2019-16127 | 1 Microchip | 1 Advanced Software Framework 4 | 2024-11-21 | 9.1 Critical |
| Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow. | ||||
| CVE-2019-16115 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | 7.8 High |
| In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause Denial of Service or possibly unspecified other impact. | ||||
| CVE-2019-16102 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. | ||||
| CVE-2019-16098 | 1 Msi | 1 Afterburner | 2024-11-21 | 7.8 High |
| The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. | ||||
| CVE-2019-16096 | 1 Kilo Project | 1 Kilo | 2024-11-21 | 7.5 High |
| Kilo 0.0.1 has a heap-based buffer overflow because there is an integer overflow in a calculation involving the number of tabs in one row. | ||||