Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

7158 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-15734 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206B.
CVE-2018-15729 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000204B.
CVE-2018-15732 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063.
CVE-2018-15731 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000205B.
CVE-2018-15730 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x80002067.
CVE-2018-15735 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F.
CVE-2018-15737 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x80002043.
CVE-2018-15736 1 Stopzilla 1 Antimalware 2019-06-21 2.1
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a Denial of Service vulnerability due to not validating the output buffer address value from IOCtl 0x8000204F.
CVE-2017-8330 1 Securifi 3 Almond%2bfirmware, Almond 2015 Firmware, Almond Firmware 2019-06-21 3.3
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage"...
CVE-2019-11038 1 Php 1 Php 2019-06-20 5.0
When using gdImageCreateFromXbm() function of PHP gd extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable....
CVE-2017-7653 2 Eclipse, Debian 2 Mosquitto, Debian Linux 2019-06-20 3.5
The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. A malicious client could cause other clients that do reject invalid UTF-8 strings to disconnect themselves from the broker by sending a topic...
CVE-2019-3804 2 Cockpit-project, Fedoraproject 2 Cockpit, Fedora 2019-06-20 N/A
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie...
CVE-2019-0097 2019-06-20 4.0
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.
CVE-2019-0094 1 Intel 1 Active Management Technology 2019-06-20 3.3
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.
CVE-2019-0092 1 Intel 1 Active Management Technology 2019-06-20 4.6
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVE-2019-12456 1 Linux 1 Linux Kernel 2019-06-20 7.2
** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other...
CVE-2017-7613 3 Elfutils Project, Canonical, Debian 3 Elfutils, Ubuntu Linux, Debian Linux 2019-06-20 4.3
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
CVE-2019-1821 1 Cisco 3 Evolved Programmable Network Manager, Network Level Service, Prime Infrastructure 2019-06-19 10.0
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the...
CVE-2018-20013 1 Urbackup 1 Urbackup 2019-06-19 5.0
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadata_id!=0 assertion, leading to shutting down the client application.
CVE-2019-5678 2019-06-19 4.6
NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution,...