| Max CVSS | 7.2 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-18506 | 4.3 |
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This b
|
17-03-2023 - 18:31 | 05-02-2019 - 21:29 | |
| CVE-2019-2422 | 2.6 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker
|
06-10-2022 - 17:52 | 16-01-2019 - 19:30 | |
| CVE-2019-9209 | 4.3 |
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
|
05-04-2022 - 20:51 | 28-02-2019 - 04:29 | |
| CVE-2019-9942 | 4.3 |
A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place.
|
05-04-2022 - 20:10 | 23-03-2019 - 15:29 | |
| CVE-2019-5719 | 4.3 |
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
|
24-08-2020 - 17:37 | 08-01-2019 - 23:29 | |
| CVE-2019-5717 | 4.3 |
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
|
20-03-2020 - 01:15 | 08-01-2019 - 23:29 | |
| CVE-2019-5716 | 4.3 |
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.
|
20-03-2020 - 01:15 | 08-01-2019 - 23:29 | |
| CVE-2019-5718 | 4.3 |
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
|
15-01-2020 - 20:15 | 08-01-2019 - 23:29 | |
| CVE-2017-16355 | 1.2 |
In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking
|
28-10-2019 - 15:31 | 14-12-2017 - 22:29 | |
| CVE-2019-7524 | 7.2 |
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.
|
14-06-2019 - 03:29 | 28-03-2019 - 14:29 | |
| CVE-2019-9214 | 5.0 |
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.
|
16-05-2019 - 18:29 | 28-02-2019 - 04:29 | |
| CVE-2019-9208 | 5.0 |
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.
|
16-05-2019 - 18:29 | 28-02-2019 - 04:29 | |
| CVE-2004-0077 | 7.2 |
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local
|
03-05-2018 - 01:29 | 03-03-2004 - 05:00 |