|
219741
|
7.5 |
HIGH
Network
|
lustre
|
lustre
|
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20429
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219742
|
7.5 |
HIGH
Network
|
lustre
|
lustre
|
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel fu…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20428
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219743
|
9.8 |
CRITICAL
Network
|
lustre
|
lustre
|
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a …
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-20427
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219744
|
7.5 |
HIGH
Network
|
lustre
|
lustre
|
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_ca…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20426
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219745
|
7.5 |
HIGH
Network
|
lustre
|
lustre
|
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20425
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219746
|
7.5 |
HIGH
Network
|
lustre
|
lustre
|
In the Lustre file system before 2.12.3, mdt_object_remote in the mdt module has a NULL pointer dereference and panic due to the lack of validation for specific fields of packets sent by a client.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-20424
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219747
|
7.5 |
HIGH
Network
|
lustre
|
lustre
|
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function target_handle_co…
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-20423
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219748
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-20422
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219749
|
7.5 |
HIGH
Network
|
exiv2
canonical
debian
|
exiv2
ubuntu_linux
debian_linux
|
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to ca…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-20421
|
2024-11-21 13:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219750
|
5.9 |
MEDIUM
Network
|
parity
|
libsecp256k1
|
A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-20399
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
