CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-19725
https://notcve.org/view.php?id=CVE-2019-19725
sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. sysstat versiones hasta 12.2.0, presenta una doble liberación en la función check_file_actlst en el archivo sa_common.c. • https://github.com/sysstat/sysstat/issues/242 https://lists.debian.org/debian-lts-announce/2022/11/msg00014.html https://security.gentoo.org/glsa/202007-22 https://usn.ubuntu.com/4242-1 • CWE-415: Double Free •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2019-13753 – sqlite: fts3: incorrectly removed corruption check
https://notcve.org/view.php?id=CVE-2019-13753
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Una lectura fuera de límites en SQLite en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto conseguir información potencialmente confidencial desde la memoria del proceso por medio de una página HTML especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://access.redhat.com/errata/RHSA-2019:4238 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1025471 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 1%CPEs: 17EXPL: 0CVE-2019-13751 – sqlite: fts3: improve detection of corrupted records
https://notcve.org/view.php?id=CVE-2019-13751
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Datos no inicializados en SQLite en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto conseguir información potencialmente confidencial desde la memoria del proceso por medio de una página HTML especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://access.redhat.com/errata/RHSA-2019:4238 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1025465 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2019-13750 – sqlite: dropping of shadow tables not restricted in defensive mode
https://notcve.org/view.php?id=CVE-2019-13750
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page. Una comprobación de datos insuficiente en SQLite en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto omitir las medidas de defensa en profundidad por medio de una página HTML especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://access.redhat.com/errata/RHSA-2019:4238 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1025464 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2019-13752 – sqlite: fts3: improve shadow table corruption detection
https://notcve.org/view.php?id=CVE-2019-13752
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Una lectura fuera de límites en SQLite en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto conseguir información potencialmente confidencial desde la memoria del proceso por medio de una página HTML especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://access.redhat.com/errata/RHSA-2019:4238 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1025470 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-125: Out-of-bounds Read •