CVE-2019-12450
- EPSS 2.6%
- Veröffentlicht 29.05.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:22:52
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
CVE-2019-5436
- EPSS 49.74%
- Veröffentlicht 28.05.2019 19:29:06
- Zuletzt bearbeitet 15.04.2026 21:17:01
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
- EPSS 0.35%
- Veröffentlicht 24.05.2019 17:29:02
- Zuletzt bearbeitet 21.11.2024 04:18:30
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a rad...
CVE-2019-10132
- EPSS 1.41%
- Veröffentlicht 22.05.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:18:29
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock...
CVE-2019-12216
- EPSS 2.21%
- Veröffentlicht 20.05.2019 17:29:17
- Zuletzt bearbeitet 21.11.2024 04:22:26
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
CVE-2019-12221
- EPSS 1.97%
- Veröffentlicht 20.05.2019 17:29:17
- Zuletzt bearbeitet 21.11.2024 04:22:27
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
CVE-2019-12213
- EPSS 2.2%
- Veröffentlicht 20.05.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:22:26
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
CVE-2019-3839
- EPSS 1.76%
- Veröffentlicht 16.05.2019 19:29:05
- Zuletzt bearbeitet 21.11.2024 04:42:40
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside o...
CVE-2019-12098
- EPSS 1.98%
- Veröffentlicht 15.05.2019 23:29:00
- Zuletzt bearbeitet 15.04.2026 21:17:00
In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
CVE-2019-8936
- EPSS 5.73%
- Veröffentlicht 15.05.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:50:41
NTP through 4.2.8p12 has a NULL Pointer Dereference.