Total
3128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-7485 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | |||||
| CVE-2019-7366 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system. | |||||
| CVE-2019-6557 | 1 Moxa | 8 Eds-405a, Eds-405a Firmware, Eds-408a and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution. | |||||
| CVE-2019-6327 | 1 Hp | 20 Laserjet Pro M280-m281 T6b80a, Laserjet Pro M280-m281 T6b80a Firmware, Laserjet Pro M280-m281 T6b81a and 17 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow. | |||||
| CVE-2019-6258 | 2 D-link, Dlink | 2 Dir-822 Firmware, Dir-822 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file. | |||||
| CVE-2019-6192 | 1 Lenovo | 81 Power Management Driver, Thinkpad 13 Gen 2, Thinkpad 25 and 78 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service. | |||||
| CVE-2019-5439 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit. | |||||
| CVE-2019-5319 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
| CVE-2019-5304 | 1 Huawei | 52 Ar120-s, Ar120-s Firmware, Ar1200 and 49 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. | |||||
| CVE-2019-5276 | 1 Huawei | 2 Elle-al00b, Elle-al00b Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. | |||||
| CVE-2019-5273 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a denial of service on the affected products. | |||||
| CVE-2019-5258 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | |||||
| CVE-2019-5257 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network. | |||||
| CVE-2019-5247 | 1 Huawei | 4 Atlas 300, Atlas 300 Firmware, Atlas 500 and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash. | |||||
| CVE-2019-5225 | 1 Huawei | 6 Mate 20, Mate 20 Firmware, P30 and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. | |||||
| CVE-2019-5186 | 1 Wago | 2 Pfc200, Pfc200 Firmware | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1eb9c the extracted interface element name from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=<contents of interface element> using sprintf(). The destination buffer sp+0x40 is overflowed with the call to sprintf() for any interface values that are greater than 512-len("/etc/config-tools/config_interfaces interface=") in length. Later, at 0x1ea08 strcpy() is used to copy the contents of the stack buffer that was overflowed sp+0x40 into sp+0x440. The buffer sp+0x440 is immediately adjacent to sp+0x40 on the stack. Therefore, there is no NULL termination on the buffer sp+0x40 since it overflowed into sp+0x440. The strcpy() will result in invalid memory access. An interface value of length 0x3c4 will cause the service to crash. | |||||
| CVE-2019-5143 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2019-5064 | 2 Opencv, Oracle | 4 Opencv, Application Testing Suite, Big Data Spatial And Graph and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability. | |||||
| CVE-2019-5063 | 2 Opencv, Oracle | 4 Opencv, Application Testing Suite, Big Data Spatial And Graph and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability. | |||||
| CVE-2019-4523 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 High Performance Unload Load, Linux Kernel, Windows and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481. | |||||