CVE-2019-11596
- EPSS 2.96%
- Veröffentlicht 29.04.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:24
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
CVE-2019-3843
- EPSS 0.91%
- Veröffentlicht 26.04.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:41
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access res...
CVE-2019-3844
- EPSS 0.89%
- Veröffentlicht 26.04.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:41
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker...
CVE-2019-3900
- EPSS 4.43%
- Veröffentlicht 25.04.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:49
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest ...
CVE-2019-11506
- EPSS 2.56%
- Veröffentlicht 24.04.2019 21:29:01
- Zuletzt bearbeitet 21.11.2024 04:21:13
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact...
CVE-2019-11505
- EPSS 2.85%
- Veröffentlicht 24.04.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:13
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via...
CVE-2019-3882
- EPSS 0.54%
- Veröffentlicht 24.04.2019 16:29:02
- Zuletzt bearbeitet 21.11.2024 04:42:47
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of th...
CVE-2019-9928
- EPSS 5.96%
- Veröffentlicht 24.04.2019 15:29:02
- Zuletzt bearbeitet 17.03.2026 15:52:33
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
CVE-2019-11498
- EPSS 3.04%
- Veröffentlicht 24.04.2019 05:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:12
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file ...
CVE-2019-11487
- EPSS 0.71%
- Veröffentlicht 23.04.2019 22:29:05
- Zuletzt bearbeitet 21.11.2024 04:21:11
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs...