Page 57 of 425 results (0.013 seconds)

CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 1

CVE-2019-19953

https://notcve.org/view.php?id=CVE-2019-19953

In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. En GraphicsMagick versión 1.4 snapshot-20191208 Q8, se presenta una lectura excesiva de búfer en la región heap de la memoria en la función EncodeImage del archivo coders/pict.c. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html https://sourceforge.net/p/graphicsmagick/bugs/617 https://www.debian.org/security/2020/dsa-4640 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0

CVE-2019-19926 – sqlite: error mishandling because of incomplete fix of CVE-2019-19880

https://notcve.org/view.php?id=CVE-2019-19926

multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. La función multiSelect en el archivo select.c en SQLite versión 3.30.1, maneja inapropiadamente determinados errores durante el análisis, como es demostrado por los errores de las llamadas de sqlite3WindowRewrite(). NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta para CVE-2019-19880. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089 https://security.netapp.com/advisory/ntap-20200114-0003 https://usn.ubuntu.com/4298-1 https • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

CVE-2019-19917

https://notcve.org/view.php?id=CVE-2019-19917

Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. Lout versión 3.40, presenta un desbordamiento de búfer en la función StringQuotedWord() en el archivo z39.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00068.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00069.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OXECUBSXEO7S3TCLSBCITLQIMOCL6MV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEJVEIQMRXJ26ZT • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

CVE-2019-19918

https://notcve.org/view.php?id=CVE-2019-19918

Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. Lout versión 3.40, presenta un desbordamiento de búfer en la región heap de la memoria en la función srcnext() en el archivo z02.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00068.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00069.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OXECUBSXEO7S3TCLSBCITLQIMOCL6MV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEJVEIQMRXJ26ZT • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0

CVE-2019-19880 – sqlite: invalid pointer dereference in exprListAppendList in window.c

https://notcve.org/view.php?id=CVE-2019-19880

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. La función exprListAppendList en el archivo window.c en SQLite versión 3.30.1, permite a atacantes desencadenar una desreferencia del puntero no válida porque los valores enteros constantes en las cláusulas ORDER BY de las definiciones de ventana son manejados inapropiadamente. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54 https://security.netapp.com/advisory/ntap-20200114-0001 https://usn.ubuntu.com/4298-1 https • CWE-476: NULL Pointer Dereference •