Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14130 | 1 Gnu | 1 Binutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2018-11436 | 1 Libmobi Project | 1 Libmobi | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | |||||
| CVE-2018-11434 | 1 Libmobi Project | 1 Libmobi | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| The buffer_fill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | |||||
| CVE-2018-11433 | 1 Libmobi Project | 1 Libmobi | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | |||||
| CVE-2018-11432 | 1 Libmobi Project | 1 Libmobi | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. | |||||
| CVE-2018-11504 | 2 Debian, Discount Project | 2 Debian Linux, Discount | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | |||||
| CVE-2017-14129 | 1 Gnu | 1 Binutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2018-11419 | 1 Jerryscript | 1 Jerryscript | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c. | |||||
| CVE-2018-11418 | 1 Jerryscript | 1 Jerryscript | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c. | |||||
| CVE-2017-14128 | 1 Gnu | 1 Binutils | 2019-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
| CVE-2017-13019 | 1 Tcpdump | 1 Tcpdump | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). | |||||
| CVE-2017-14034 | 1 Libbpg Project | 1 Libbpg | 2019-10-02 | 6.8 MEDIUM | 8.8 HIGH |
| The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-11363 | 1 Pdfgen | 1 Pdfgen | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read. | |||||
| CVE-2016-2091 | 1 Libdwarf Project | 1 Libdwarf | 2019-10-02 | 4.3 MEDIUM | 3.3 LOW |
| The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file. | |||||
| CVE-2019-9383 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120843827 | |||||
| CVE-2019-9296 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112162089 | |||||
| CVE-2019-9239 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
| In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121263487 | |||||
| CVE-2019-9250 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120276962 | |||||
| CVE-2019-9360 | 1 Google | 1 Android | 2019-10-02 | 4.9 MEDIUM | 4.4 MEDIUM |
| In the TEE, there's a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120610663 | |||||
| CVE-2019-9249 | 1 Google | 1 Android | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120255805 | |||||