Redhat : Security Vulnerabilities, CVEs, Published In November 2019 (Code Execution)
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.
Max CVSS
10.0
EPSS Score
1.66%
Published
2019-11-27
Updated
2023-02-12
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-04
Updated
2019-11-07
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-04
Updated
2019-11-06
The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.82%
Published
2019-11-04
Updated
2019-11-06
eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data
Max CVSS
9.8
EPSS Score
1.39%
Published
2019-11-21
Updated
2019-11-27
5 vulnerabilities found