|
225191
|
8.8 |
HIGH
Network
|
totaljs
|
total.js_cms
|
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack (../) to include .html files that are outside the permitted director…
|
CWE-22
Path Traversal
|
CVE-2019-15952
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225192
|
7.5 |
HIGH
Network
|
bitcoin
|
bitcoin_core
|
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2019-15947
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225193
|
6.4 |
MEDIUM
Physics
|
opensc_project
debian
fedoraproject
|
opensc
debian_linux
fedora
|
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-15946
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225194
|
6.4 |
MEDIUM
Physics
|
opensc_project
debian
fedoraproject
|
opensc
debian_linux
fedora
|
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-15945
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225195
|
8.8 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.
|
CWE-252
Unchecked Return Value
|
CVE-2019-15942
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225196
|
5.9 |
MEDIUM
Network
|
opencv
opensuse
debian
|
opencv
leap
debian_linux
|
An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.
|
CWE-369
Divide By Zero
|
CVE-2019-15939
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225197
|
9.8 |
CRITICAL
Network
|
pengutronix
|
barebox
|
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-15938
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225198
|
9.8 |
CRITICAL
Network
|
pengutronix
|
barebox
|
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-15937
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225199
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-15927
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225200
|
9.1 |
CRITICAL
Network
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-15926
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
