Max CVSS 7.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-9518 7.8
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONT
22-10-2020 - 17:23 13-08-2019 - 21:15
CVE-2019-9515 7.8
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS f
22-10-2020 - 17:22 13-08-2019 - 21:15
CVE-2019-9514 7.8
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the p
22-10-2020 - 17:21 13-08-2019 - 21:15
CVE-2019-11038 5.0
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t
16-10-2020 - 12:58 19-06-2019 - 00:15
CVE-2019-11039 6.4
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
16-10-2020 - 12:57 19-06-2019 - 00:15
CVE-2019-11040 6.4
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past
16-10-2020 - 12:57 19-06-2019 - 00:15
CVE-2019-16378 7.5
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.
14-10-2020 - 05:15 17-09-2019 - 12:15
CVE-2019-11042 5.8
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past
02-10-2020 - 15:19 09-08-2019 - 20:15
CVE-2019-11041 5.8
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past
02-10-2020 - 15:05 09-08-2019 - 20:15
CVE-2019-11034 6.4
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
02-10-2020 - 13:33 18-04-2019 - 17:29
CVE-2019-11036 6.4
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
02-10-2020 - 13:14 03-05-2019 - 20:29
CVE-2019-11035 6.4
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
02-10-2020 - 13:13 18-04-2019 - 17:29
CVE-2019-16237 5.0
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.
14-09-2020 - 14:27 11-09-2019 - 19:15
CVE-2019-16236 5.0
Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.
14-09-2020 - 14:27 11-09-2019 - 19:15
CVE-2019-16235 5.0
Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.
14-09-2020 - 14:26 11-09-2019 - 19:15
CVE-2018-19502 6.8
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.
24-08-2020 - 17:37 23-11-2018 - 19:29
CVE-2018-19503 6.8
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
24-08-2020 - 17:37 23-11-2018 - 19:29
CVE-2019-13139 4.6
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results
24-08-2020 - 17:37 22-08-2019 - 20:15
CVE-2018-20359 4.3
An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to d
15-06-2020 - 18:15 22-12-2018 - 15:29
CVE-2018-20198 4.3
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding t
15-06-2020 - 18:15 18-12-2018 - 01:29
CVE-2018-20362 4.3
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in
15-06-2020 - 18:15 22-12-2018 - 15:29
CVE-2018-20195 4.3
A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
15-06-2020 - 18:15 18-12-2018 - 01:29
CVE-2018-20357 4.3
A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash.
15-06-2020 - 18:15 22-12-2018 - 15:29
CVE-2018-20358 4.3
An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial
15-06-2020 - 18:15 22-12-2018 - 15:29
CVE-2018-20194 6.8
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other imp
15-06-2020 - 18:15 18-12-2018 - 01:29
CVE-2018-20361 4.3
An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of
15-06-2020 - 18:15 22-12-2018 - 15:29
CVE-2018-19504 6.8
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.
15-06-2020 - 18:15 23-11-2018 - 19:29
CVE-2018-20197 6.8
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other imp
15-06-2020 - 18:15 18-12-2018 - 01:29
CVE-2019-15296 6.8
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast t
15-06-2020 - 18:15 21-08-2019 - 07:15
CVE-2019-16159 5.0
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the
20-09-2019 - 03:15 09-09-2019 - 15:15
CVE-2019-14271 7.5
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
28-08-2019 - 13:15 29-07-2019 - 18:15
CVE-2019-13509 5.0
In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redep
27-08-2019 - 17:15 18-07-2019 - 16:15
CVE-2019-9512 7.8
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this d
23-08-2019 - 21:15 13-08-2019 - 21:15
CVE-2003-0973 5.0
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
11-10-2017 - 01:29 15-12-2003 - 05:00
Back to Top Mark selected
Back to Top