|
219551
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-20422
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219552
|
7.5 |
HIGH
Network
|
exiv2
canonical
debian
|
exiv2
ubuntu_linux
debian_linux
|
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to ca…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-20421
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219553
|
5.9 |
MEDIUM
Network
|
parity
|
libsecp256k1
|
A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-20399
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219554
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-20398
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219555
|
8.8 |
HIGH
Network
|
cesnet
|
libyang
|
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vul…
|
CWE-415
Double Free
|
CVE-2019-20397
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219556
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-20396
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219557
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-20395
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219558
|
8.8 |
HIGH
Network
|
cesnet
|
libyang
|
A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang fil…
|
CWE-415
Double Free
|
CVE-2019-20394
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219559
|
8.8 |
HIGH
Network
|
cesnet
|
libyang
|
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to …
|
CWE-415
Double Free
|
CVE-2019-20393
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219560
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not def…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-20392
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
