CVE-2019-10894
- EPSS 5.59%
- Veröffentlicht 09.04.2019 04:29:00
- Zuletzt bearbeitet 21.11.2024 04:20:04
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
CVE-2019-0816
- EPSS 1.4%
- Veröffentlicht 09.04.2019 03:29:00
- Zuletzt bearbeitet 21.11.2024 04:17:19
A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.
CVE-2019-0211
- EPSS 65.01%
- Veröffentlicht 08.04.2019 22:29:00
- Zuletzt bearbeitet 27.10.2025 17:37:51
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...
CVE-2019-0217
- EPSS 17.67%
- Veröffentlicht 08.04.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:16:30
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictio...
CVE-2019-11007
- EPSS 1.97%
- Veröffentlicht 08.04.2019 19:29:05
- Zuletzt bearbeitet 21.11.2024 04:20:20
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.
CVE-2019-11008
- EPSS 3.77%
- Veröffentlicht 08.04.2019 19:29:05
- Zuletzt bearbeitet 21.11.2024 04:20:20
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact ...
CVE-2019-10906
- EPSS 3.6%
- Veröffentlicht 07.04.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:20:06
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
CVE-2018-3979
- EPSS 1.44%
- Veröffentlicht 01.04.2019 21:30:43
- Zuletzt bearbeitet 21.11.2024 04:06:25
A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can...
CVE-2019-8956
- EPSS 1.13%
- Veröffentlicht 01.04.2019 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:50:44
In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
CVE-2019-10649
- EPSS 1.74%
- Veröffentlicht 30.03.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:19:40
In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.