Total
12074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14274 | 2 Mcpp Project, Opensuse | 3 Mcpp, Backports Sle, Leap | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. | |||||
| CVE-2019-14267 | 2 Fedoraproject, Pdfresurrect Project | 2 Fedora, Pdfresurrect | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled. | |||||
| CVE-2019-14250 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. | |||||
| CVE-2019-14247 | 1 Mpg321 Project | 1 Mpg321 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file. | |||||
| CVE-2019-14210 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object. | |||||
| CVE-2019-14209 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm. | |||||
| CVE-2019-14204 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. | |||||
| CVE-2019-14203 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. | |||||
| CVE-2019-14202 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. | |||||
| CVE-2019-14201 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. | |||||
| CVE-2019-14200 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. | |||||
| CVE-2019-14198 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case. | |||||
| CVE-2019-14196 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. | |||||
| CVE-2019-14195 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length. | |||||
| CVE-2019-14194 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case. | |||||
| CVE-2019-14193 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. | |||||
| CVE-2019-14192 | 1 Denx | 1 U-boot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. | |||||
| CVE-2019-14132 | 1 Qualcomm | 6 Qcs605, Qcs605 Firmware, Sa6155p and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer over-write when this 0-byte buffer is typecasted to some other structure and hence memory corruption in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SA6155P, SM8150 | |||||
| CVE-2019-14131 | 1 Qualcomm | 42 Apq8053, Apq8053 Firmware, Apq8096au and 39 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound write can occur in radio measurement request if STA receives multiple invalid rrm measurement request from AP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8998, Nicobar, QCA6574AU, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDM660, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | |||||
| CVE-2019-14130 | 1 Qualcomm | 18 Kamorta, Kamorta Firmware, Qcs404 and 15 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 | |||||