|
222361
|
9.8 |
CRITICAL
Network
|
wordpress
debian
|
wordpress
debian_linux
|
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colo…
|
CWE-20
Improper Input Validation
|
CVE-2019-20041
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222362
|
5.5 |
MEDIUM
Local
|
upx_project
fedoraproject
|
upx
fedora
|
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20021
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222363
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20020
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222364
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-20019
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222365
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20018
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222366
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20017
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222367
|
6.5 |
MEDIUM
Network
|
symonics
|
libmysofa
|
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead i…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20016
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222368
|
6.5 |
MEDIUM
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-20015
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222369
|
8.8 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
|
CWE-415
Double Free
|
CVE-2019-20014
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222370
|
6.5 |
MEDIUM
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-20013
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
