Vulnerabilities (CVE)

CWE filter

CWE-119

Filter

11986 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-12547 2019-02-21 7.5
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not...
CVE-2018-4012 1 Webroot 1 Brightcloud 2019-02-21 9.3
An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated...
CVE-2019-8356 1 Sound Exchange Project 1 Sound Exchange 2019-02-21 4.3
An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.
CVE-2018-18601 1 Guardzilla 1 Gz621w Firmware 2019-02-20 6.8
The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.
CVE-2018-12548 1 Eclipse 1 Openj9 2019-02-20 7.5
In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code.
CVE-2019-5771 2 Google, Redhat 4 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2019-02-20 6.8
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2016-0778 5 Sophos, Hp, Apple and 2 more 6 Linux, Openssh, Solaris and 3 more 2019-02-20 4.6
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which...
CVE-2019-8383 2019-02-20 6.8
An issue was discovered in AdvanceCOMP before 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service...
CVE-2019-5762 3 Google, Debian, Redhat 5 Chrome, Debian Linux, Enterprise Linux Desktop and 2 more 2019-02-20 6.8
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
CVE-2018-12159 1 Intel 1 Proset%2fwireless 2019-02-20 2.1
Buffer overflow in the command-line interface for Intel(R) PROSet Wireless v20.50 and before may allow an authenticated user to potentially enable denial of service via local access.
CVE-2018-8800 1 Rdesktop 1 Rdesktop 2019-02-20 7.5
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.
CVE-2018-8797 1 Rdesktop 1 Rdesktop 2019-02-20 7.5
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.
CVE-2018-8793 1 Rdesktop 1 Rdesktop 2019-02-20 7.5
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.
CVE-2018-4193 1 Apple 1 Mac Os X 2019-02-20 9.3
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory...
CVE-2019-8396 1 Hdfgroup 1 Hdf5 2019-02-19 4.3
A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."
CVE-2019-7629 1 Tintin%2b%2b Project 2 Tintin%2b%2b, Wintin%2b%2b 2019-02-19 7.5
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
CVE-2019-8381 1 Appneta 1 Tcpreplay 2019-02-19 6.8
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service...
CVE-2019-8907 1 File Project 1 File 2019-02-19 6.8
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
CVE-2019-7659 2019-02-19 6.8
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++...
CVE-2018-16865 4 Freedesktop, Canonical, Debian and 1 more 9 Systemd, Ubuntu Linux, Debian Linux and 6 more 2019-02-19 4.6
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if...