CVE-2019-5188
- EPSS 1.03%
- Veröffentlicht 08.01.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:44:31
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partit...
CVE-2019-19911
- EPSS 2.12%
- Veröffentlicht 05.01.2020 22:15:11
- Zuletzt bearbeitet 21.11.2024 04:35:38
There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryE...
CVE-2019-19959
- EPSS 3.24%
- Veröffentlicht 03.01.2020 22:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:44
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.
CVE-2020-5310
- EPSS 1.98%
- Veröffentlicht 03.01.2020 01:15:11
- Zuletzt bearbeitet 21.11.2024 05:33:53
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
CVE-2020-5311
- EPSS 4.21%
- Veröffentlicht 03.01.2020 01:15:11
- Zuletzt bearbeitet 21.11.2024 05:33:53
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
CVE-2020-5312
- EPSS 3.69%
- Veröffentlicht 03.01.2020 01:15:11
- Zuletzt bearbeitet 21.11.2024 05:33:53
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
CVE-2020-5313
- EPSS 2.75%
- Veröffentlicht 03.01.2020 01:15:11
- Zuletzt bearbeitet 21.11.2024 05:33:53
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
CVE-2013-4532
- EPSS 0.47%
- Veröffentlicht 02.01.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 01:55:45
Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
CVE-2019-20218
- EPSS 3.62%
- Veröffentlicht 02.01.2020 14:16:36
- Zuletzt bearbeitet 21.11.2024 04:38:13
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
CVE-2013-4357
- EPSS 3.23%
- Veröffentlicht 31.12.2019 19:15:10
- Zuletzt bearbeitet 21.11.2024 01:55:25
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.