CVE-2019-19004
- EPSS 1.02%
- Veröffentlicht 11.02.2021 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:58
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
CVE-2019-19005
- EPSS 0.97%
- Veröffentlicht 11.02.2021 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:58
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
CVE-2021-22880
- EPSS 4.43%
- Veröffentlicht 11.02.2021 18:15:17
- Zuletzt bearbeitet 21.11.2024 05:50:49
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter i...
CVE-2021-22881
- EPSS 87.3%
- Veröffentlicht 11.02.2021 18:15:17
- Zuletzt bearbeitet 21.11.2024 05:50:49
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in A...
CVE-2020-35498
- EPSS 8.03%
- Veröffentlicht 11.02.2021 18:15:15
- Zuletzt bearbeitet 23.04.2025 20:15:20
A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a ...
CVE-2020-13578
- EPSS 3.02%
- Veröffentlicht 10.02.2021 20:15:15
- Zuletzt bearbeitet 21.11.2024 05:01:32
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2020-13574
- EPSS 3.02%
- Veröffentlicht 10.02.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:01:31
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
- EPSS 2.27%
- Veröffentlicht 10.02.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:01:31
A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2020-13576
- EPSS 5.86%
- Veröffentlicht 10.02.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:01:32
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2020-13577
- EPSS 3.02%
- Veröffentlicht 10.02.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:01:32
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.