Last 20 Scored Vulnerability IDs & Summaries
CVSS Severity
-
CVE-2019-19648 —
In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or... read CVE-2019-19648
Published: December 08, 2019; 08:15:10 PM -05:00
-
CVE-2015-1855 —
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multi... read CVE-2015-1855
Published: November 29, 2019; 04:15:10 PM -05:00
-
CVE-2013-4184 —
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Published: December 10, 2019; 10:15:11 AM -05:00
-
CVE-2012-1577 —
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.
Published: December 10, 2019; 02:15:14 PM -05:00
-
CVE-2019-18308 —
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file... read CVE-2019-18308
Published: December 12, 2019; 02:15:17 PM -05:00
-
CVE-2019-18309 —
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file... read CVE-2019-18309
Published: December 12, 2019; 02:15:17 PM -05:00
-
CVE-2019-18310 —
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This... read CVE-2019-18310
Published: December 12, 2019; 02:15:17 PM -05:00
-
CVE-2019-10013 —
The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake... read CVE-2019-10013
Published: December 03, 2019; 03:15:10 PM -05:00
-
CVE-2019-18311 —
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This... read CVE-2019-18311
Published: December 12, 2019; 02:15:17 PM -05:00
-
CVE-2019-18312 —
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running RPC services. Please note that an attacker needs to have network access... read CVE-2019-18312
Published: December 12, 2019; 02:15:17 PM -05:00
-
CVE-2019-5092 —
An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be w... read CVE-2019-5092
Published: December 11, 2019; 07:15:11 PM -05:00
-
CVE-2019-14890 —
A vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Towe... read CVE-2019-14890
Published: November 26, 2019; 02:15:11 AM -05:00
-
CVE-2019-10618 —
Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390
Published: December 12, 2019; 04:15:12 AM -05:00
-
CVE-2019-19463 —
The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check.
Published: November 29, 2019; 09:15:10 PM -05:00
-
CVE-2019-5093 —
An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can se... read CVE-2019-5093
Published: December 11, 2019; 07:15:11 PM -05:00
-
CVE-2019-5154 —
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code ex... read CVE-2019-5154
Published: December 11, 2019; 07:15:11 PM -05:00
-
CVE-2015-1853 —
chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in c... read CVE-2015-1853
Published: December 09, 2019; 02:15:14 PM -05:00
-
CVE-2016-4980 —
A password generation weakness exists in xquest through 2016-06-13.
Published: November 27, 2019; 11:15:11 AM -05:00
-
CVE-2019-19707 —
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets.
Published: December 10, 2019; 09:15:14 PM -05:00
-
CVE-2019-18333 —
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker with network access to the Application Server could gain access to filenames on the server by sending specifically crafted packets to 8090/tcp. Please no... read CVE-2019-18333
Published: December 12, 2019; 02:15:19 PM -05:00