Skip to main content
CVE-2019-3574 HIGH POC This Week

In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libsixel
NVD GitHub
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-3500 HIGH PATCH This Week

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Aria2 Debian Linux Fedora Ubuntu Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy