CVE-2019-9640
- EPSS 6.18%
- Veröffentlicht 09.03.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:01
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
CVE-2019-9641
- EPSS 9.4%
- Veröffentlicht 09.03.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:02
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
CVE-2019-9636
- EPSS 8.81%
- Veröffentlicht 08.03.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:01
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a ...
CVE-2019-7175
- EPSS 2.94%
- Veröffentlicht 07.03.2019 23:29:01
- Zuletzt bearbeitet 21.11.2024 04:47:43
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
CVE-2019-3824
- EPSS 2.82%
- Veröffentlicht 06.03.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:37
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of ...
CVE-2019-9213
- EPSS 5.67%
- Veröffentlicht 05.03.2019 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:51:13
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check...
CVE-2019-6212
- EPSS 1.86%
- Veröffentlicht 05.03.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:46:14
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to ...
CVE-2019-6215
- EPSS 9.76%
- Veröffentlicht 05.03.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:46:14
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary co...
CVE-2018-12399
- EPSS 1.36%
- Veröffentlicht 28.02.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 03:45:08
When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not ...
CVE-2018-12401
- EPSS 2.29%
- Veröffentlicht 28.02.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 03:45:08
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox < 63.