CVE-2019-12527
- EPSS 50.45%
- Veröffentlicht 11.07.2019 19:15:13
- Zuletzt bearbeitet 21.11.2024 04:23:02
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leadin...
CVE-2019-12529
- EPSS 8.09%
- Veröffentlicht 11.07.2019 19:15:13
- Zuletzt bearbeitet 21.11.2024 04:23:02
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be...
CVE-2019-10192
- EPSS 26.05%
- Veröffentlicht 11.07.2019 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:18:37
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis...
CVE-2019-10193
- EPSS 23.7%
- Veröffentlicht 11.07.2019 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:18:37
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perfo...
CVE-2019-13132
- EPSS 42.46%
- Veröffentlicht 10.07.2019 19:15:10
- Zuletzt bearbeitet 21.11.2024 04:24:15
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow a...
CVE-2019-13224
- EPSS 4.05%
- Veröffentlicht 10.07.2019 14:15:11
- Zuletzt bearbeitet 21.11.2024 04:24:29
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair o...
CVE-2019-13454
- EPSS 4.35%
- Veröffentlicht 09.07.2019 17:15:11
- Zuletzt bearbeitet 11.07.2025 20:05:48
ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
CVE-2019-13297
- EPSS 3.13%
- Veröffentlicht 05.07.2019 01:15:10
- Zuletzt bearbeitet 21.11.2024 04:24:39
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
CVE-2019-13300
- EPSS 3.17%
- Veröffentlicht 05.07.2019 01:15:10
- Zuletzt bearbeitet 21.11.2024 04:24:39
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
CVE-2019-13301
- EPSS 2.7%
- Veröffentlicht 05.07.2019 01:15:10
- Zuletzt bearbeitet 21.11.2024 04:24:39
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.