xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
Max CVSS
7.5
EPSS Score
0.44%
Published
2019-12-24
Updated
2021-07-21
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
Max CVSS
9.8
EPSS Score
1.35%
Published
2019-12-09
Updated
2022-04-15
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
Max CVSS
5.5
EPSS Score
0.09%
Published
2019-12-09
Updated
2022-04-15
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
Max CVSS
7.5
EPSS Score
0.32%
Published
2019-12-09
Updated
2022-04-15
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
Max CVSS
9.8
EPSS Score
0.22%
Published
2019-12-05
Updated
2022-04-15
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
Max CVSS
8.1
EPSS Score
0.41%
Published
2019-10-21
Updated
2023-09-08
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
Max CVSS
7.2
EPSS Score
0.10%
Published
2019-11-21
Updated
2021-07-21
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
Max CVSS
6.5
EPSS Score
0.41%
Published
2019-09-09
Updated
2023-03-23
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
Max CVSS
5.3
EPSS Score
0.27%
Published
2019-07-01
Updated
2023-04-10
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
Max CVSS
8.1
EPSS Score
0.29%
Published
2019-07-16
Updated
2023-09-08
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Max CVSS
9.8
EPSS Score
0.38%
Published
2019-02-26
Updated
2022-06-13
ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.
Max CVSS
9.8
EPSS Score
0.31%
Published
2019-11-21
Updated
2020-08-24
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
Max CVSS
9.8
EPSS Score
0.22%
Published
2019-09-24
Updated
2021-07-21
ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions.
Max CVSS
9.8
EPSS Score
0.63%
Published
2019-09-24
Updated
2021-07-21
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.
Max CVSS
8.8
EPSS Score
0.52%
Published
2019-03-25
Updated
2019-05-14
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Max CVSS
9.1
EPSS Score
1.45%
Published
2019-03-21
Updated
2019-04-15
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Max CVSS
9.1
EPSS Score
3.32%
Published
2019-03-25
Updated
2019-04-15
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Max CVSS
9.1
EPSS Score
4.63%
Published
2019-03-25
Updated
2019-04-15
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Max CVSS
9.1
EPSS Score
2.07%
Published
2019-03-21
Updated
2019-07-25
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Max CVSS
9.1
EPSS Score
1.45%
Published
2019-03-21
Updated
2019-04-15
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
Max CVSS
8.8
EPSS Score
0.33%
Published
2019-03-25
Updated
2020-10-15
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
Max CVSS
8.8
EPSS Score
0.33%
Published
2019-03-25
Updated
2020-10-15
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
Max CVSS
9.3
EPSS Score
1.02%
Published
2019-03-21
Updated
2020-10-15
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
Max CVSS
5.9
EPSS Score
0.81%
Published
2019-02-27
Updated
2022-08-19
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
Max CVSS
7.5
EPSS Score
0.63%
Published
2019-02-26
Updated
2019-11-05
26 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!