Export limit exceeded: 339825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (426 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-3692 | 2 Opensuse, Suse | 5 Backports Sle, Factory, Leap and 2 more | 2024-11-21 | 7.7 High |
| The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions. | ||||
| CVE-2019-20637 | 4 Opensuse, Redhat, Varnish-cache and 1 more | 5 Backports Sle, Leap, Enterprise Linux and 2 more | 2024-11-21 | 7.5 High |
| An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the connection workspace, such as data structures associated with previous requests within this connection or VCL-related temporary headers. | ||||
| CVE-2019-20015 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | ||||
| CVE-2019-20014 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 8.8 High |
| An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c. | ||||
| CVE-2019-20013 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | ||||
| CVE-2019-20012 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | ||||
| CVE-2019-20011 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 8.8 High |
| An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c. | ||||
| CVE-2019-20010 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 8.8 High |
| An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. | ||||
| CVE-2019-20009 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | ||||
| CVE-2019-19953 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Backports and 1 more | 2024-11-21 | 9.1 Critical |
| In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. | ||||
| CVE-2019-19951 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Backports and 1 more | 2024-11-21 | 9.8 Critical |
| In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. | ||||
| CVE-2019-19950 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Backports and 1 more | 2024-11-21 | 9.8 Critical |
| In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | ||||
| CVE-2019-19926 | 8 Debian, Netapp, Opensuse and 5 more | 13 Debian Linux, Cloud Backup, Backports Sle and 10 more | 2024-11-21 | 7.5 High |
| multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. | ||||
| CVE-2019-19925 | 8 Debian, Netapp, Opensuse and 5 more | 14 Debian Linux, Cloud Backup, Backports Sle and 11 more | 2024-11-21 | 7.5 High |
| zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | ||||
| CVE-2019-19923 | 8 Debian, Netapp, Opensuse and 5 more | 14 Debian Linux, Cloud Backup, Backports Sle and 11 more | 2024-11-21 | 7.5 High |
| flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). | ||||
| CVE-2019-19918 | 3 Fedoraproject, Lout Project, Opensuse | 4 Fedora, Lout, Backports Sle and 1 more | 2024-11-21 | 7.8 High |
| Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | ||||
| CVE-2019-19917 | 3 Fedoraproject, Lout Project, Opensuse | 4 Fedora, Lout, Backports Sle and 1 more | 2024-11-21 | 7.8 High |
| Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | ||||
| CVE-2019-19880 | 8 Debian, Netapp, Opensuse and 5 more | 13 Debian Linux, Cloud Backup, Backports Sle and 10 more | 2024-11-21 | 7.5 High |
| exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. | ||||
| CVE-2019-18932 | 2 Opensuse, Squid Analysis Report Generator Project | 3 Backports Sle, Leap, Squid Analysis Report Generator | 2024-11-21 | 7.0 High |
| log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and place symlinks in it (after winning a /tmp/sarg/denied.int_unsort race condition). The outcome will be corrupted or newly created files in privileged file system locations. | ||||
| CVE-2019-18899 | 2 Apt-cacher-ng Project, Opensuse | 3 Apt-cacher-ng, Backports, Leap | 2024-11-21 | 6.2 Medium |
| The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1. | ||||