CVE-2019-3857
- EPSS 6.13%
- Veröffentlicht 25.03.2019 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:43
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execut...
CVE-2019-9948
- EPSS 11.84%
- Veröffentlicht 23.03.2019 18:29:02
- Zuletzt bearbeitet 21.11.2024 04:52:39
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...
CVE-2019-3855
- EPSS 9.22%
- Veröffentlicht 21.03.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:43
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh...
CVE-2019-3858
- EPSS 6.45%
- Veröffentlicht 21.03.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:43
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client mem...
CVE-2019-3871
- EPSS 12.86%
- Veröffentlicht 21.03.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:45
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a re...
CVE-2019-9903
- EPSS 2.25%
- Veröffentlicht 21.03.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:52:32
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
CVE-2019-9894
- EPSS 2.45%
- Veröffentlicht 21.03.2019 16:01:17
- Zuletzt bearbeitet 21.11.2024 04:52:31
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
CVE-2019-9895
- EPSS 2.57%
- Veröffentlicht 21.03.2019 16:01:17
- Zuletzt bearbeitet 21.11.2024 04:52:31
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
CVE-2019-9897
- EPSS 3.02%
- Veröffentlicht 21.03.2019 16:01:17
- Zuletzt bearbeitet 21.11.2024 04:52:31
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
CVE-2019-9898
- EPSS 3.94%
- Veröffentlicht 21.03.2019 16:01:17
- Zuletzt bearbeitet 21.11.2024 04:52:32
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.