Skip to main content
CVE-2019-18849 MEDIUM POC PATCH This Month

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Tnef Fedora Ubuntu Linux +1
NVD GitHub
CVSS 3.1
5.5
EPSS
1.2%
CVE-2019-18853 MEDIUM PATCH This Month

ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy