| Max CVSS | 5.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-15903 | 5.0 |
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-r
|
28-07-2022 - 11:23 | 04-09-2019 - 06:15 | |
| CVE-2019-15165 | 5.0 |
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
|
08-04-2022 - 13:27 | 03-10-2019 - 19:15 | |
| CVE-2019-15161 | 5.0 |
rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.
|
24-08-2020 - 17:37 | 03-10-2019 - 19:15 | |
| CVE-2019-15164 | 5.0 |
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.
|
27-10-2019 - 03:15 | 03-10-2019 - 19:15 | |
| CVE-2019-15162 | 5.0 |
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.
|
27-10-2019 - 03:15 | 03-10-2019 - 19:15 | |
| CVE-2019-15163 | 5.0 |
rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.
|
27-10-2019 - 03:15 | 03-10-2019 - 19:15 |