CVE-2019-11484
- EPSS 0.43%
- Veröffentlicht 08.02.2020 05:15:13
- Zuletzt bearbeitet 21.11.2024 04:21:10
Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.
CVE-2019-11485
- EPSS 0.26%
- Veröffentlicht 08.02.2020 05:15:13
- Zuletzt bearbeitet 21.11.2024 04:21:10
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
CVE-2019-11481
- EPSS 0.44%
- Veröffentlicht 08.02.2020 05:15:12
- Zuletzt bearbeitet 21.11.2024 04:21:10
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
CVE-2020-1700
- EPSS 2.49%
- Veröffentlicht 07.02.2020 21:15:10
- Zuletzt bearbeitet 21.11.2024 05:11:11
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw c...
CVE-2014-1958
- EPSS 3.54%
- Veröffentlicht 06.02.2020 15:15:10
- Zuletzt bearbeitet 21.11.2024 02:05:21
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
CVE-2014-2030
- EPSS 11.06%
- Veröffentlicht 06.02.2020 15:15:10
- Zuletzt bearbeitet 21.11.2024 02:05:29
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld...
CVE-2016-9928
- EPSS 4.51%
- Veröffentlicht 06.02.2020 14:15:10
- Zuletzt bearbeitet 21.11.2024 03:02:01
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XM...
CVE-2020-8648
- EPSS 0.66%
- Veröffentlicht 06.02.2020 01:15:10
- Zuletzt bearbeitet 21.11.2024 05:39:11
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2020-3123
- EPSS 2.6%
- Veröffentlicht 05.02.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 05:30:22
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability ...
CVE-2019-12528
- EPSS 10.49%
- Veröffentlicht 04.02.2020 21:15:10
- Zuletzt bearbeitet 21.11.2024 04:23:02
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.