| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-1010220 |
125 |
|
|
2019-07-22 |
2019-08-20 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file. |
|
2 |
CVE-2019-1010204 |
125 |
|
DoS |
2019-07-23 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened. |
|
3 |
CVE-2019-1010190 |
125 |
|
|
2019-07-24 |
2019-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1. |
|
4 |
CVE-2019-1010169 |
125 |
|
DoS |
2019-07-23 |
2019-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Jsish 2.4.77 2.0477 is affected by: Out-of-bounds Read. The impact is: denial of service. The component is: function lexer_getchar (jsiLexer.c:9). The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78. |
|
5 |
CVE-2019-1010004 |
125 |
|
DoS |
2019-07-14 |
2019-08-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: read_samples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189. |
|
6 |
CVE-2019-1000019 |
125 |
|
DoS |
2019-02-04 |
2019-04-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. |
|
7 |
CVE-2019-17401 |
125 |
|
|
2019-10-09 |
2019-10-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as described in the GitHub issue. |
|
8 |
CVE-2019-17362 |
125 |
|
DoS |
2019-10-08 |
2019-10-15 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. |
|
9 |
CVE-2019-17266 |
125 |
|
|
2019-10-06 |
2019-10-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy. |
|
10 |
CVE-2019-17264 |
125 |
|
|
2019-10-06 |
2019-10-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue. |
|
11 |
CVE-2019-17263 |
125 |
|
|
2019-10-06 |
2019-10-14 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are also unsupported. NOTE: the vendor has disputed this as described in the GitHub issue. |
|
12 |
CVE-2019-17040 |
125 |
|
|
2019-09-30 |
2019-10-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled. |
|
13 |
CVE-2019-16748 |
125 |
|
|
2019-09-24 |
2019-09-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c. |
|
14 |
CVE-2019-16705 |
125 |
|
|
2019-09-23 |
2019-09-23 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a. |
|
15 |
CVE-2019-16411 |
125 |
|
|
2019-09-24 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o->len < 5 (corresponding to 2 bytes of header and 3 bytes of data). Then, "flag = *(o->data + 3)" places one beyond the 3 bytes, because the code should have been "flag = *(o->data + 1)" instead. |
|
16 |
CVE-2019-16410 |
125 |
|
|
2019-09-24 |
2019-09-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking. |
|
17 |
CVE-2019-16249 |
125 |
|
|
2019-09-11 |
2019-09-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core/hal/intrin_sse.hpp when called from computeSSDMeanNorm in modules/video/src/dis_flow.cpp. |
|
18 |
CVE-2019-16166 |
125 |
|
|
2019-09-09 |
2019-09-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. |
|
19 |
CVE-2019-16162 |
125 |
|
|
2019-09-09 |
2019-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c. |
|
20 |
CVE-2019-16139 |
125 |
|
|
2019-09-09 |
2019-09-09 |
9.0 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Complete |
|
An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read. |
|
21 |
CVE-2019-16095 |
125 |
|
|
2019-09-07 |
2019-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. |
|
22 |
CVE-2019-16094 |
125 |
|
|
2019-09-07 |
2019-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. |
|
23 |
CVE-2019-16091 |
125 |
|
|
2019-09-07 |
2019-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. |
|
24 |
CVE-2019-15927 |
125 |
|
|
2019-09-04 |
2019-09-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c. |
|
25 |
CVE-2019-15926 |
125 |
|
|
2019-09-04 |
2019-09-14 |
9.4 |
None |
Remote |
Low |
Not required |
Complete |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. |
|
26 |
CVE-2019-15925 |
125 |
|
|
2019-09-04 |
2019-10-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. |
|
27 |
CVE-2019-15918 |
125 |
|
|
2019-09-04 |
2019-10-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21. |
|
28 |
CVE-2019-15699 |
125 |
|
|
2019-09-24 |
2019-09-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet. |
|
29 |
CVE-2019-15666 |
125 |
|
DoS |
2019-08-27 |
2019-09-14 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation. |
|
30 |
CVE-2019-15651 |
125 |
|
|
2019-08-26 |
2019-09-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex. |
|
31 |
CVE-2019-15550 |
125 |
|
|
2019-08-26 |
2019-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary. |
|
32 |
CVE-2019-15531 |
125 |
|
|
2019-08-23 |
2019-08-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. |
|
33 |
CVE-2019-15505 |
125 |
|
|
2019-08-23 |
2019-09-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). |
|
34 |
CVE-2019-15147 |
125 |
|
|
2019-08-18 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c. |
|
35 |
CVE-2019-15146 |
125 |
|
|
2019-08-18 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c. |
|
36 |
CVE-2019-15145 |
125 |
|
|
2019-08-18 |
2019-08-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h. |
|
37 |
CVE-2019-15141 |
125 |
|
|
2019-08-18 |
2019-08-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. |
|
38 |
CVE-2019-15139 |
125 |
|
|
2019-08-18 |
2019-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. |
|
39 |
CVE-2019-15090 |
125 |
|
|
2019-08-15 |
2019-09-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read. |
|
40 |
CVE-2019-15050 |
125 |
|
|
2019-08-14 |
2019-08-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp. |
|
41 |
CVE-2019-15049 |
125 |
|
|
2019-08-14 |
2019-08-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp. |
|
42 |
CVE-2019-15047 |
125 |
|
|
2019-08-14 |
2019-08-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp. |
|
43 |
CVE-2019-15026 |
125 |
|
|
2019-08-30 |
2019-09-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. |
|
44 |
CVE-2019-14975 |
125 |
|
|
2019-08-14 |
2019-08-26 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. |
|
45 |
CVE-2019-14776 |
125 |
|
|
2019-08-29 |
2019-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. |
|
46 |
CVE-2019-14531 |
125 |
|
|
2019-08-02 |
2019-08-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c. |
|
47 |
CVE-2019-14492 |
125 |
|
DoS |
2019-08-01 |
2019-08-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. |
|
48 |
CVE-2019-14491 |
125 |
|
DoS |
2019-08-01 |
2019-08-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service. |
|
49 |
CVE-2019-14463 |
125 |
|
|
2019-07-31 |
2019-08-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. |
|
50 |
CVE-2019-14462 |
125 |
|
|
2019-07-31 |
2019-08-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302. |
