Recent vulnerabilities and exploits

445
VMScore
CVE-2019-0941

A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests, aka 'Microsoft IIS Server Denial of Service Vulnerability'....

445
VMScore
CVE-2018-13844

An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c....

Htslib
668
VMScore
CVE-2018-18834

An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c....

Mz-automationLibiec61850
383
VMScore
CVE-2018-20005

An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc....

MsweetMini-xmlFedoraprojectFedora
605
VMScore
CVE-2018-20004

An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by...

NA
CVE-2018-13945

<!-- '"` --><!-- </textarea></xmp> --> In this repository All GitHub ...

NA
CVE-2018-19764

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none....

445
VMScore
CVE-2018-13843

** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in...

Htslib
891
VMScore
CVE-2016-2108

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue....

445
VMScore
CVE-2019-6136

An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c....

Mz-automationLibiec61850