Export limit exceeded: 43742 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43742 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-14906 | 2 Libsdl, Redhat | 2 Simple Directmedia Layer, Enterprise Linux | 2024-11-21 | 9.8 Critical |
| A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the application crash or execute code. | ||||
| CVE-2019-14901 | 5 Canonical, Debian, Fedoraproject and 2 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-11-21 | 9.8 Critical |
| A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. | ||||
| CVE-2019-14897 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA. | ||||
| CVE-2019-14896 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP. | ||||
| CVE-2019-14895 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code. | ||||
| CVE-2019-14864 | 3 Debian, Opensuse, Redhat | 9 Debian Linux, Backports Sle, Leap and 6 more | 2024-11-21 | 6.5 Medium |
| Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data. | ||||
| CVE-2019-14858 | 1 Redhat | 3 Ansible Engine, Ansible Tower, Openstack | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task. | ||||
| CVE-2019-14854 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2024-11-21 | 6.5 Medium |
| OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user. | ||||
| CVE-2019-14846 | 3 Debian, Opensuse, Redhat | 6 Debian Linux, Backports Sle, Leap and 3 more | 2024-11-21 | 7.8 High |
| In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process. | ||||
| CVE-2019-14835 | 8 Canonical, Debian, Fedoraproject and 5 more | 49 Ubuntu Linux, Debian Linux, Fedora and 46 more | 2024-11-21 | 7.8 High |
| A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. | ||||
| CVE-2019-14816 | 7 Canonical, Debian, Fedoraproject and 4 more | 60 Ubuntu Linux, Debian Linux, Fedora and 57 more | 2024-11-21 | 7.8 High |
| There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||||
| CVE-2019-14815 | 3 Linux, Netapp, Redhat | 19 Linux Kernel, Altavault, Baseboard Management Controller and 16 more | 2024-11-21 | 7.8 High |
| A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | ||||
| CVE-2019-14814 | 6 Canonical, Debian, Linux and 3 more | 50 Ubuntu Linux, Debian Linux, Linux Kernel and 47 more | 2024-11-21 | 7.8 High |
| There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | ||||
| CVE-2019-14794 | 1 Metabox | 1 Meta Box | 2024-11-21 | N/A |
| The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. | ||||
| CVE-2019-14776 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-11-21 | N/A |
| A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | ||||
| CVE-2019-14753 | 1 Sick | 4 Fx0-gent00000, Fx0-gent00000 Firmware, Fx0-gpnt00000 and 1 more | 2024-11-21 | 7.5 High |
| SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buffer Overflow | ||||
| CVE-2019-14749 | 1 Osticket | 1 Osticket | 2024-11-21 | N/A |
| An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab, and the Issue Summary field in the tickets tab. This allows other agents to download data in a .csv file format or .xls file format. This is used as input for spreadsheet applications such as Excel and OpenOffice Calc, resulting in a situation where cells in the spreadsheets can contain input from an untrusted source. As a result, the end user who is accessing the exported spreadsheet can be affected. | ||||
| CVE-2019-14717 | 1 Verifone | 2 Verix Os, Vx520 | 2024-11-21 | 7.8 High |
| Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call. | ||||
| CVE-2019-14708 | 1 Microdigital | 6 Mdc-n2190v, Mdc-n2190v Firmware, Mdc-n4090 and 3 more | 2024-11-21 | N/A |
| An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody account. | ||||
| CVE-2019-14706 | 1 Microdigital | 6 Mdc-n2190v, Mdc-n2190v Firmware, Mdc-n4090 and 3 more | 2024-11-21 | N/A |
| A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because of a buffer overflow in a Bash command string. | ||||