Security Vulnerabilities, CVEs, Published In December 2019 (Overflow)
Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-12-31
Updated
2022-12-08
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function gf_isom_box_parse_ex() in isomedia/box_funcs.c.
Max CVSS
5.5
EPSS Score
0.08%
Published
2019-12-31
Updated
2022-10-14
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c.
Max CVSS
5.5
EPSS Score
0.08%
Published
2019-12-31
Updated
2022-10-14
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group() in media_tools/av_parsers.c.
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-12-31
Updated
2020-01-02
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_out_code at fromgif.c.
Max CVSS
8.8
EPSS Score
0.30%
Published
2019-12-30
Updated
2020-01-07
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c.
Max CVSS
8.8
EPSS Score
0.20%
Published
2019-12-30
Updated
2020-01-03
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
Max CVSS
5.5
EPSS Score
0.06%
Published
2019-12-27
Updated
2022-01-01
A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4.
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-12-27
Updated
2020-01-02
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
Max CVSS
9.8
EPSS Score
1.21%
Published
2019-12-24
Updated
2022-10-31
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
Max CVSS
9.8
EPSS Score
0.93%
Published
2019-12-24
Updated
2022-10-31
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
Max CVSS
8.8
EPSS Score
0.23%
Published
2019-12-23
Updated
2019-12-30
In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-12-23
Updated
2019-12-30
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
Max CVSS
7.8
EPSS Score
0.15%
Published
2019-12-20
Updated
2022-12-14
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
Max CVSS
7.8
EPSS Score
0.12%
Published
2019-12-20
Updated
2020-11-05
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.
Max CVSS
9.8
EPSS Score
0.42%
Published
2019-12-19
Updated
2023-03-06
NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
Max CVSS
9.8
EPSS Score
0.38%
Published
2019-12-19
Updated
2019-12-27
Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c.
Max CVSS
8.1
EPSS Score
0.28%
Published
2019-12-17
Updated
2020-01-08
Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file.
Max CVSS
7.8
EPSS Score
0.09%
Published
2019-12-13
Updated
2019-12-17
samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file.
Max CVSS
7.8
EPSS Score
0.09%
Published
2019-12-13
Updated
2019-12-17
ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file.
Max CVSS
7.8
EPSS Score
0.11%
Published
2019-12-13
Updated
2022-10-14
ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file.
Max CVSS
7.8
EPSS Score
0.11%
Published
2019-12-13
Updated
2022-10-14
ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file.
Max CVSS
7.8
EPSS Score
0.11%
Published
2019-12-13
Updated
2022-10-14
The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server.
Max CVSS
10.0
EPSS Score
0.51%
Published
2019-12-13
Updated
2019-12-16
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
Max CVSS
5.5
EPSS Score
0.15%
Published
2019-12-12
Updated
2023-02-02
Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() function in flex.c via a crafted BASIC source file.
Max CVSS
8.8
EPSS Score
0.21%
Published
2019-12-11
Updated
2020-08-24