CVE-2019-9628
- EPSS 2.05%
- Veröffentlicht 11.04.2019 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:00
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly i...
CVE-2019-3459
- EPSS 1.83%
- Veröffentlicht 11.04.2019 16:29:02
- Zuletzt bearbeitet 21.11.2024 04:42:05
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2019-3460
- EPSS 1.83%
- Veröffentlicht 11.04.2019 16:29:02
- Zuletzt bearbeitet 21.11.2024 04:42:05
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVE-2019-11068
- EPSS 5.09%
- Veröffentlicht 10.04.2019 20:29:01
- Zuletzt bearbeitet 28.05.2026 19:16:28
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is su...
CVE-2019-3887
- EPSS 0.36%
- Veröffentlicht 09.04.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:48
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled....
CVE-2019-10895
- EPSS 5.8%
- Veröffentlicht 09.04.2019 04:29:01
- Zuletzt bearbeitet 21.11.2024 04:20:04
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.
CVE-2019-10896
- EPSS 5.74%
- Veröffentlicht 09.04.2019 04:29:01
- Zuletzt bearbeitet 21.11.2024 04:20:04
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.
CVE-2019-10899
- EPSS 5.59%
- Veröffentlicht 09.04.2019 04:29:01
- Zuletzt bearbeitet 21.11.2024 04:20:05
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.
CVE-2019-10901
- EPSS 5.59%
- Veröffentlicht 09.04.2019 04:29:01
- Zuletzt bearbeitet 21.11.2024 04:20:05
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.
CVE-2019-10903
- EPSS 5.59%
- Veröffentlicht 09.04.2019 04:29:01
- Zuletzt bearbeitet 21.11.2024 04:20:05
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.