Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-17542
FFmpeg prior to 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2019-17455
Libntlm up to and including 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
Nongnu Libntlm
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
1 Github repository
9.8
CVSSv3
CVE-2019-17266
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.
Gnome Libsoup
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
9.8
CVSSv3
CVE-2019-17133
In the Linux kernel up to and including 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-16928
Exim 4.92 up to and including 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
Exim Exim
Canonical Ubuntu Linux 19.04
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
1 Article
9.8
CVSSv3
CVE-2019-16746
An issue exists in net/wireless/nl80211.c in the Linux kernel up to and including 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Fedoraproject Fedora 30
Opensuse Leap 15.1
1 Article
9.8
CVSSv3
CVE-2019-16239
process_http_response in OpenConnect prior to 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
Infradead Openconnect
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-16378
OpenDMARC up to and including 1.3.2 and 1.4.x up to and including 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.
Trusteddomain Opendmarc 1.4.0
Trusteddomain Opendmarc
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
9.8
CVSSv3
CVE-2019-16092
Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.
Symonics Libmysofa 0.7
Canonical Ubuntu Linux 18.04
9.8
CVSSv3
CVE-2019-16093
Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
Symonics Libmysofa 0.7
Canonical Ubuntu Linux 18.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »