Skip to main content
CVE-2019-20024 MEDIUM POC This Month

A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libsixel
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2019-20023 MEDIUM POC This Month

A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libsixel
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2019-20022 MEDIUM POC This Month

An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libsixel
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2019-20052 MEDIUM POC This Month

A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Matio
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-20020 MEDIUM POC This Month

A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-20019 MEDIUM POC This Month

An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Matio
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-20018 MEDIUM POC This Month

A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-20017 MEDIUM POC This Month

A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-20016 MEDIUM POC PATCH This Month

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Libmysofa
NVD GitHub
CVSS 3.1
6.5
EPSS
1.7%
CVE-2019-20015 MEDIUM POC This Month

An issue was discovered in GNU LibreDWG 0.92. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-20013 MEDIUM POC PATCH This Month

An issue was discovered in GNU LibreDWG before 0.93. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-20012 MEDIUM POC This Month

An issue was discovered in GNU LibreDWG 0.92. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-20009 MEDIUM POC PATCH This Month

An issue was discovered in GNU LibreDWG before 0.93. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2019-20053 MEDIUM POC This Month

An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Upx Backports Leap
NVD GitHub
CVSS 3.1
5.5
EPSS
1.2%
CVE-2019-20051 MEDIUM POC This Month

A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Upx Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-20021 MEDIUM POC This Month

A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Upx Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
1.1%
CVE-2019-20042 MEDIUM PATCH This Month

In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS WordPress PHP Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
2.8%
CVE-2019-20043 MEDIUM PATCH This Month

In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation WordPress PHP Debian Linux
NVD GitHub
CVSS 3.1
4.3
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy