|
223911
|
7.5 |
HIGH
Network
|
chacha20_project
|
chacha20
|
An issue was discovered in the chacha20 crate before 0.2.3 for Rust. A ChaCha20 counter overflow makes it easier for attackers to determine plaintext.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-25005
|
2024-11-21 13:39 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223912
|
9.8 |
CRITICAL
Network
|
google
|
flatbuffers
|
An issue was discovered in the flatbuffers crate before 0.6.1 for Rust. Arbitrary bytes can be reinterpreted as a bool, defeating soundness.
|
NVD-CWE-noinfo
|
CVE-2019-25004
|
2024-11-21 13:39 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223913
|
7.5 |
HIGH
Network
|
parity
|
libsecp256k1
|
An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust. Scalar::check_overflow allows a timing side-channel attack; consequently, attackers can obtain sensitive information.
|
NVD-CWE-Other
|
CVE-2019-25003
|
2024-11-21 13:39 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223914
|
9.8 |
CRITICAL
Network
|
sodiumoxide_project
|
sodiumoxide
|
An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties.
|
NVD-CWE-noinfo
|
CVE-2019-25002
|
2024-11-21 13:39 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223915
|
7.5 |
HIGH
Network
|
serde_cbor_project
|
serde_cbor
|
An issue was discovered in the serde_cbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-25001
|
2024-11-21 13:39 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223916
|
6.5 |
MEDIUM
Local
|
qemu
|
qemu
|
In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callbac…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20808
|
2024-11-21 13:39 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223917
|
5.3 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, …
|
CWE-416
Use After Free
|
CVE-2019-20934
|
2024-11-21 13:39 |
2020-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223918
|
7.5 |
HIGH
Network
|
mongodb
|
mongodb
|
An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects Mo…
|
CWE-697
Incorrect Comparison
|
CVE-2019-20925
|
2024-11-21 13:39 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223919
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. This issue affects MongoDB Serve…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2019-20924
|
2024-11-21 13:39 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223920
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to…
|
NVD-CWE-Other
|
CVE-2019-20923
|
2024-11-21 13:39 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
