|
222971
|
7.8 |
HIGH
Local
|
virustotal
fedoraproject
|
yara
fedora
|
In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, re…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-19648
|
2024-11-21 13:35 |
2019-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222972
|
7.8 |
HIGH
Local
|
radare
fedoraproject
|
radare2
fedora
|
radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-19647
|
2024-11-21 13:35 |
2019-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222973
|
8.8 |
HIGH
Network
|
supermicro
|
x8sti-f_bios
x8sti-f_firmware
|
On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP a…
|
CWE-78
OS Command
|
CVE-2019-19642
|
2024-11-21 13:35 |
2019-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222974
|
7.8 |
HIGH
Local
|
htmldoc_project
debian
fedoraproject
|
htmldoc
debian_linux
fedora
|
HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-19630
|
2024-11-21 13:35 |
2019-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222975
|
5.3 |
MEDIUM
Network
|
ros
|
sros2
|
SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-related information regardless of the rtps_protection_kind configuration. (SROS2 provides the tools to generate and distribute keys f…
|
CWE-200
Information Exposure
|
CVE-2019-19627
|
2024-11-21 13:35 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222976
|
5.3 |
MEDIUM
Network
|
ros
|
sros2
|
SROS 2 0.8.1 (which provides the tools that generate and distribute keys for Robot Operating System 2 and uses the underlying security plugins of DDS from ROS 2) leaks node information due to a leaky…
|
CWE-200
Information Exposure
|
CVE-2019-19625
|
2024-11-21 13:35 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222977
|
3.3 |
LOW
Local
|
dell
|
red_cloak_windows_agent
|
In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. This is limited in scope to …
|
CWE-281
Improper Preservation of Permissions
|
CVE-2019-19620
|
2024-11-21 13:35 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222978
|
6.5 |
MEDIUM
Network
|
opencv
redhat
|
opencv
enterprise_linux
|
An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-19624
|
2024-11-21 13:35 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222979
|
6.1 |
MEDIUM
Network
|
documize
|
documize
|
domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19619
|
2024-11-21 13:35 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222980
|
9.8 |
CRITICAL
Network
|
phpmyadmin
debian
|
phpmyadmin
debian_linux
|
phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php.
|
NVD-CWE-noinfo
|
CVE-2019-19617
|
2024-11-21 13:35 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
