CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16710 – ImageMagick: memory leak in coders/dot.c
https://notcve.org/view.php?id=CVE-2019-16710
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dot.c, como es demostrado mediante la función AcquireMagickMemory en archivo MagickCore/memory.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16711 – ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c
https://notcve.org/view.php?id=CVE-2019-16711
23 Sep 2019 — ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. ImageMagick versión 7.0.8-40, presenta una pérdida de memoria en la función Huffman2DEncodeImage en el archivo coders/ps2.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user inv... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16713 – ImageMagick: memory leak in coders/dot.c
https://notcve.org/view.php?id=CVE-2019-16713
23 Sep 2019 — ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. ImageMagick versión 7.0.8-43, presenta una pérdida de memoria en el archivo coders/dot.c, como es demostrado mediante la función PingImage en el archivo MagickCore/constitut.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, n... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2019-14822 – ibus: missing authorization allows local attacker to access the input bus of another user
https://notcve.org/view.php?id=CVE-2019-14822
16 Sep 2019 — A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user. Se detecto un fallo en el ibus en las versiones anteriores a la 1.5.22 que permite a cualq... • https://bugzilla.redhat.com/show_bug.cgi?id=1717958 • CWE-862: Missing Authorization •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2019-16229 – Ubuntu Security Notice USN-4284-1
https://notcve.org/view.php?id=CVE-2019-16229
11 Sep 2019 — drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id ** EN DISPUTA ** El archivo drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c en el kernel de Linux versión 5.2.14 no comprueba el valor de retorno de alloc_workqueue, conllevando a una desreferencia del puntero NULL. NOTA: La comunidad de seguridad cuestion... • https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3 • CWE-476: NULL Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 10EXPL: 0CVE-2019-16231 – kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c
https://notcve.org/view.php?id=CVE-2019-16231
11 Sep 2019 — drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. El archivo drivers/net/fjes/fjes_main.c en el kernel de Linux versión 5.2.14, no comprueba el valor de retorno en alloc_workqueue, conllevando a una desreferencia del puntero NULL. A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the FUJITSU Extended Socket Network driver. A call to the alloc_workqueue return was not validated and c... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 1CVE-2019-16232 – Ubuntu Security Notice USN-4904-1
https://notcve.org/view.php?id=CVE-2019-16232
11 Sep 2019 — drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. El archivo drivers/net/wireless/marvell/libertas/if_sdio.c en el kernel de Linux versión 5.2.14, no comprueba el valor de retorno en alloc_workqueue, conllevando a una desreferencia del puntero NULL. Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A l... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 0CVE-2019-16168 – sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c
https://notcve.org/view.php?id=CVE-2019-16168
09 Sep 2019 — In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." En SQLite versiones hasta 3.29.0, la función whereLoopAddBtreeIndex en el archivo sqlite3.c puede bloquear un navegador u otra aplicación debido a la falta de comprobación de un campo sqlite_stat1 sz, también se conoce como "severe division by zero in the query planner.". SQLite is a C library th... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00032.html • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-16167 – sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c
https://notcve.org/view.php?id=CVE-2019-16167
09 Sep 2019 — sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. sysstat versiones anteriores a 12.1.6, presenta una corrupción de la memoria debido a un desbordamiento de enteros en la función remap_struct() en el archivo sa_common.c. An integer overflow vulnerability was found in sysstat in the way the `sadf` command processes the contents of data files created by the `sar` command. A local attacker could exploit this flaw by creating a specially crafted file with m... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00067.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 2%CPEs: 11EXPL: 0CVE-2019-15926 – Ubuntu Security Notice USN-4145-1
https://notcve.org/view.php?id=CVE-2019-15926
04 Sep 2019 — An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c. Se detectó un problema en el kernel de Linux versiones anteriores a 5.2.3. Se presenta un acceso fuera de límites en las funciones ath6kl_wmi_pstream_timeout_event_rx y ath6kl_wmi_cac_event_rx en el archivo drivers/net/wireless/ath/ath6kl/wmi.c. It was discovered that the Intel Wi-Fi device dr... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-125: Out-of-bounds Read •