Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17247 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8.
|
|||||
| CVE-2019-17244 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a.
|
|||||
| CVE-2019-17243 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155.
|
|||||
| CVE-2019-17181 | 1 Intrasrv Project | 1 Intrasrv | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system.
|
|||||
| CVE-2019-17147 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code ...
Show More |
|||||
| CVE-2019-17133 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
|
|||||
| CVE-2019-17113 | 1 Openmpt | 1 Libopenmpt | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
|
|||||
| CVE-2019-17061 | 1 Cypress | 2 Psoc 4, Psoc 4 Ble | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame.
|
|||||
| CVE-2019-17060 | 1 Nxp | 9 Kw31z, Kw34, Kw35 and 6 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame.
|
|||||
| CVE-2019-16887 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc.
|
|||||
| CVE-2019-16746 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
|
|||||
| CVE-2019-16724 | 1 Upredsun | 1 File Sharing Wizard | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331.
|
|||||
| CVE-2019-16702 | 1 Integard Pro Project | 1 Integard Pro | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI.
|
|||||
| CVE-2019-16336 | 1 Cypress | 2 Cybl11573, Cyble-416045 | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers (in radio range) to cause a denial of service (crash) via a crafted BLE Link Layer frame.
|
|||||
| CVE-2019-16240 | 1 Hp | 88 Officejet Pro 8210 D9l63a, Officejet Pro 8210 D9l63a Firmware, Officejet Pro 8210 D9l64a and 85 more | 2024-11-21 | 5.8 MEDIUM | 9.1 CRITICAL |
|
A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
|
|||||
| CVE-2019-16239 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
|
|||||
| CVE-2019-16129 | 1 Microchip | 1 Cryptoauthlib | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
|
Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2).
|
|||||
| CVE-2019-16128 | 1 Microchip | 1 Cryptoauthlib | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
|
Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2).
|
|||||
| CVE-2019-15948 | 1 Ti | 6 Cc256xb-bt-sp, Cc256xb-bt-sp Firmware, Cc256xc-bt-sp and 3 more | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4.
|
|||||
| CVE-2019-15034 | 1 Qemu | 1 Qemu | 2024-11-21 | 4.4 MEDIUM | 5.8 MEDIUM |
|
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
|
|||||
| CVE-2019-14835 | 8 Canonical, Debian, Fedoraproject and 5 more | 44 Ubuntu Linux, Debian Linux, Fedora and 41 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
|
|||||
| CVE-2019-14753 | 1 Sick | 4 Fx0-gent00000, Fx0-gent00000 Firmware, Fx0-gpnt00000 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow
|
|||||
| CVE-2019-14717 | 1 Verifone | 2 Verix Os, Vx520 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.
|
|||||
| CVE-2019-14557 | 1 Intel | 55 Bios, Celeron 4205u, Celeron 4305u and 52 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access.
|
|||||
| CVE-2019-14135 | 1 Qualcomm | 72 Apq8009, Apq8009 Firmware, Apq8017 and 69 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4010, QCA6174A, QCA6574AU, QCA ...
Show More |
|||||
| CVE-2019-14127 | 1 Qualcomm | 86 Apq8009, Apq8009 Firmware, Apq8017 and 83 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SD ...
Show More |
|||||
| CVE-2019-14112 | 1 Qualcomm | 52 Apq8098, Apq8098 Firmware, Ipq6018 and 49 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM71 ...
Show More |
|||||
| CVE-2019-14111 | 1 Qualcomm | 30 Ipq6018, Ipq6018 Firmware, Ipq8074 and 27 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Possible buffer overflow while handling NAN reception of NMF in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, Rennell, SC7180, SC8180X, SM6150, SM7150, SM8150, SXR2130
|
|||||
| CVE-2019-14110 | 1 Qualcomm | 104 Apq8009, Apq8009 Firmware, Apq8017 and 101 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ80 ...
Show More |
|||||
| CVE-2019-14099 | 1 Qualcomm | 56 Apq8053, Apq8053 Firmware, Mdm9206 and 53 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SX ...
Show More |
|||||
| CVE-2019-14098 | 1 Qualcomm | 88 Apq8009, Apq8009 Firmware, Apq8017 and 85 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, ...
Show More |
|||||
| CVE-2019-14097 | 1 Qualcomm | 80 Apq8096, Apq8096 Firmware, Apq8096au and 77 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA ...
Show More |
|||||
| CVE-2019-14095 | 1 Qualcomm | 130 Apq8009, Apq8009 Firmware, Apq8016 and 127 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9 ...
Show More |
|||||
| CVE-2019-14076 | 1 Qualcomm | 64 Apq8009, Apq8009 Firmware, Apq8098 and 61 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, ...
Show More |
|||||
| CVE-2019-14068 | 1 Qualcomm | 42 Apq8009, Apq8009 Firmware, Apq8053 and 39 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, MDM9607, MSM8905, MSM8909W, Nicobar, QCS405, QCS605, Rennell, Saipan, SDM429W, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
|
|||||
| CVE-2019-14062 | 1 Qualcomm | 114 Apq8009, Apq8009 Firmware, Apq8017 and 111 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909 ...
Show More |
|||||
| CVE-2019-14045 | 1 Qualcomm | 10 Apq8096au, Apq8096au Firmware, Qcs605 and 7 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130
|
|||||
| CVE-2019-14041 | 1 Qualcomm | 86 Apq8009, Apq8009 Firmware, Apq8017 and 83 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, ...
Show More |
|||||
| CVE-2019-14031 | 1 Qualcomm | 102 Apq8009, Apq8009 Firmware, Apq8017 and 99 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9 ...
Show More |
|||||
| CVE-2019-14030 | 1 Qualcomm | 24 Mdm9205, Mdm9205 Firmware, Qcs404 and 21 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of bound check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, Rennell, SC8180X, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
|
|||||