CVE-2019-17024
- EPSS 2.46%
- Veröffentlicht 08.01.2020 22:15:12
- Zuletzt bearbeitet 21.11.2024 04:31:34
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T...
CVE-2019-14906
- EPSS 1.75%
- Veröffentlicht 07.01.2020 21:15:10
- Zuletzt bearbeitet 21.11.2024 04:27:39
A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while c...
CVE-2019-14866
- EPSS 0.69%
- Veröffentlicht 07.01.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:27:32
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attack...
CVE-2012-4451
- EPSS 1.37%
- Veröffentlicht 03.01.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 01:42:55
Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Dec...
CVE-2019-14864
- EPSS 1.86%
- Veröffentlicht 02.01.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 04:27:31
Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This woul...
CVE-2011-3585
- EPSS 0.32%
- Veröffentlicht 31.12.2019 20:15:11
- Zuletzt bearbeitet 21.11.2024 01:30:48
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.
CVE-2019-18389
- EPSS 0.44%
- Veröffentlicht 23.12.2019 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:33:11
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESO...
CVE-2019-18390
- EPSS 0.35%
- Veröffentlicht 23.12.2019 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:33:11
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.
CVE-2019-18391
- EPSS 0.36%
- Veröffentlicht 23.12.2019 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:33:11
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
CVE-2019-19340
- EPSS 1.53%
- Veröffentlicht 19.12.2019 21:15:13
- Zuletzt bearbeitet 21.11.2024 04:34:36
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the defaul...