|
223421
|
9.8 |
CRITICAL
Network
|
denx
|
u-boot
|
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14196
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223422
|
9.8 |
CRITICAL
Network
|
denx
|
u-boot
|
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14195
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223423
|
9.8 |
CRITICAL
Network
|
denx
|
u-boot
|
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14194
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223424
|
9.8 |
CRITICAL
Network
|
denx
|
u-boot
|
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14193
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223425
|
9.8 |
CRITICAL
Network
|
denx
|
u-boot
|
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.
|
CWE-787
CWE-191
Out-of-bounds Write
Integer Underflow (Wrap or Wraparound)
|
CVE-2019-14192
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223426
|
7.5 |
HIGH
Network
|
sigil-ebook
flightcrew_project
canonical
|
sigil
flightcrew
ubuntu_linux
|
Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
|
CWE-22
Path Traversal
|
CVE-2019-14452
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223427
|
6.5 |
MEDIUM
Network
|
openmpt
opensuse
|
libopenmpt
leap
|
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
|
CWE-617
Reachable Assertion
|
CVE-2019-14383
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223428
|
6.5 |
MEDIUM
Network
|
openmpt
|
libopenmpt
|
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
|
CWE-617
Reachable Assertion
|
CVE-2019-14382
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223429
|
6.5 |
MEDIUM
Network
|
openmpt
debian
|
libopenmpt
debian_linux
|
libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-14380
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223430
|
9.8 |
CRITICAL
Network
|
10web
|
photo_gallery
|
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQ…
|
CWE-89
SQL Injection
|
CVE-2019-14313
|
2024-11-21 13:26 |
2019-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
