Skip to main content

Leap

1763 CVEs product

Monthly

CVE-2019-18809 MEDIUM PATCH This Month

A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux +2
NVD GitHub
CVSS 3.1
4.6
EPSS
0.5%
CVE-2019-18808 MEDIUM PATCH This Month

A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Fedora Leap +1
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-18805 CRITICAL PATCH Act Now

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Denial Of Service Integer Overflow Linux Linux Kernel Leap +15
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2019-18804 HIGH POC This Week

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Djvulibre Debian Linux Fedora +2
NVD GitHub
CVSS 3.1
7.5
EPSS
3.7%
CVE-2019-14847 MEDIUM POC This Month

A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Privilege Escalation Denial Of Service Samba Fedora +1
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2019-14833 MEDIUM PATCH This Month

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Samba Fedora Leap
NVD
CVSS 3.1
5.4
EPSS
2.1%
CVE-2019-5068 MEDIUM POC PATCH This Month

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Mesa Leap Debian Linux Ubuntu Linux
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2019-18683 HIGH POC PATCH This Week

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Linux Privilege Escalation Linux Kernel Ubuntu Linux +16
NVD
CVSS 3.1
7.0
EPSS
1.0%
CVE-2019-6470 HIGH POC This Week

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Dhcpd Enterprise Linux Enterprise Linux Desktop Enterprise Linux Eus +15
NVD
CVSS 3.1
7.5
EPSS
8.8%
CVE-2019-5010 HIGH POC THREAT This Week

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Python Leap Debian Linux +4
NVD
CVSS 3.1
7.5
EPSS
21.4%
CVE-2019-18425 CRITICAL PATCH Act Now

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Xen Debian Linux Fedora Leap
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2019-18424 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Privilege Escalation Command Injection Xen Debian Linux Fedora +1
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2019-18421 HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Race Condition Privilege Escalation Xen Debian Linux Fedora +1
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-17596 Go HIGH POC PATCH This Week

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Go Debian Linux Fedora Developer Tools +7
NVD GitHub
CVSS 3.1
7.5
EPSS
4.7%
CVE-2019-17498 HIGH POC PATCH This Week

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Libssh2 Fedora Leap +7
NVD GitHub
CVSS 3.1
8.1
EPSS
3.8%
CVE-2019-18218 HIGH POC PATCH This Week

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption File Debian Linux Leap +3
NVD GitHub
CVSS 3.1
7.8
EPSS
1.8%
CVE-2019-14287 HIGH POC PATCH THREAT This Week

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Sudo Fedora Debian Linux Leap +11
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
63.9%
CVE-2019-2999 MEDIUM PATCH This Month

Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +17
NVD
CVSS 3.1
4.7
EPSS
2.7%
CVE-2019-2992 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.7
EPSS
3.5%
CVE-2019-2988 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.7
EPSS
3.3%
CVE-2019-2983 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.7
EPSS
3.7%
CVE-2019-2981 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.7
EPSS
3.7%
CVE-2019-2978 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +18
NVD
CVSS 3.1
3.7
EPSS
3.3%
CVE-2019-2975 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +16
NVD
CVSS 3.1
4.8
EPSS
3.3%
CVE-2019-2974 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL MariaDB Ubuntu Linux +2
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2019-2973 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +18
NVD
CVSS 3.1
3.7
EPSS
3.7%
CVE-2019-2964 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.7
EPSS
3.5%
CVE-2019-2962 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.7
EPSS
3.5%
CVE-2019-2958 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +8
NVD
CVSS 3.1
5.9
EPSS
2.6%
CVE-2019-2949 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +13
NVD
CVSS 3.1
6.8
EPSS
3.6%
CVE-2019-2945 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.1
EPSS
3.4%
CVE-2019-2938 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL MariaDB Fedora +6
NVD
CVSS 3.1
4.4
EPSS
3.0%
CVE-2019-2933 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +3
NVD
CVSS 3.1
3.1
EPSS
2.3%
CVE-2019-2894 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +4
NVD
CVSS 3.1
3.7
EPSS
3.2%
CVE-2019-17595 MEDIUM POC PATCH This Month

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Ncurses Leap
NVD
CVSS 3.1
5.4
EPSS
2.0%
CVE-2019-17594 MEDIUM POC PATCH This Month

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Ncurses Leap
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2019-17545 PyPI CRITICAL PATCH Act Now

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Gdal Spatial And Graph Debian Linux Fedora +2
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2019-17455 CRITICAL POC Act Now

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libntlm Debian Linux Ubuntu Linux +3
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2019-17451 MEDIUM POC This Month

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils Leap Ubuntu Linux
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2019-17450 MEDIUM POC This Month

find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Binutils Leap Ubuntu Linux
NVD
CVSS 3.1
6.5
EPSS
2.8%
CVE-2019-14846 PyPI HIGH PATCH This Week

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Ansible Engine Debian Linux Backports Sle Leap +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-17042 CRITICAL PATCH Act Now

An issue was discovered in Rsyslog v8.1908.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Cisco Rsyslog Fedora Debian Linux +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.1%
CVE-2019-17041 CRITICAL PATCH Act Now

An issue was discovered in Rsyslog v8.1908.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Rsyslog Debian Linux Fedora +1
NVD GitHub
CVSS 3.1
9.8
EPSS
4.6%
CVE-2019-17178 HIGH PATCH This Week

HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Freerdp Lodepng Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.6%
CVE-2019-17177 HIGH PATCH This Week

libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Freerdp Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.7%
CVE-2019-17133 CRITICAL PATCH Act Now

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel Debian Linux Ubuntu Linux +1
NVD
CVSS 3.1
9.8
EPSS
6.7%
CVE-2019-15165 MEDIUM PATCH This Month

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Libpcap Debian Linux Leap Communications Operations Monitor +7
NVD GitHub
CVSS 3.1
5.3
EPSS
2.8%
CVE-2019-15166 HIGH PATCH This Week

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Tcpdump Mac Os X Debian Linux Fedora +6
NVD GitHub
CVSS 3.1
7.5
EPSS
5.0%
CVE-2019-17069 HIGH This Week

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Memory Corruption Putty Leap +1
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-17068 HIGH This Week

PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Putty Leap
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-17055 LOW PATCH Monitor

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Linux Linux Kernel Debian Linux Fedora +5
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-16276 Go HIGH PATCH This Week

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Go Debian Linux Leap +6
NVD GitHub
CVSS 3.1
7.5
EPSS
5.2%
CVE-2019-16995 HIGH POC PATCH This Week

In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Leap Aff A700S Firmware +14
NVD GitHub
CVSS 3.1
7.5
EPSS
3.5%
CVE-2019-16994 MEDIUM POC PATCH This Month

In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Linux Linux Kernel Leap Enterprise Linux
NVD GitHub
CVSS 3.1
4.7
EPSS
0.5%
CVE-2019-9433 MEDIUM This Month

In libvpx, there is a possible information disclosure due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android Leap Fedora +2
NVD
CVSS 3.1
6.5
EPSS
3.1%
CVE-2019-9371 MEDIUM This Month

In libvpx, there is a possible resource exhaustion due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Denial Of Service Android Leap Fedora +2
NVD
CVSS 3.1
6.5
EPSS
3.1%
CVE-2019-9325 MEDIUM This Month

In libvpx, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android Ubuntu Linux +3
NVD
CVSS 3.1
6.5
EPSS
2.6%
CVE-2019-9278 HIGH PATCH This Week

In libexif, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Integer Overflow Privilege Escalation Buffer Overflow Android +4
NVD GitHub
CVSS 3.1
8.8
EPSS
4.1%
CVE-2019-9232 HIGH This Week

In libvpx, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android Ubuntu Linux +3
NVD
CVSS 3.1
7.5
EPSS
5.1%
CVE-2019-11740 HIGH This Week

Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla RCE Memory Corruption Firefox +4
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2019-11738 MEDIUM POC This Month

If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mozilla Firefox Firefox Esr Leap
NVD
CVSS 3.1
6.3
EPSS
1.4%
CVE-2019-11735 HIGH This Week

Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla RCE Memory Corruption Firefox +2
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2019-10092 MEDIUM POC PATCH THREAT This Month

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Apache Http Server Leap Debian Linux +7
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
81.5%
CVE-2019-16884 Go HIGH POC PATCH This Week

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Docker Runc Fedora Leap +6
NVD GitHub
CVSS 3.1
7.5
EPSS
4.4%
CVE-2019-13627 MEDIUM This Month

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Ubuntu Linux Leap Libgcrypt20
NVD GitHub
CVSS 3.1
6.3
EPSS
0.5%
CVE-2019-12068 LOW PATCH Monitor

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Denial Of Service Qemu Ubuntu Linux Leap
NVD
CVSS 3.1
3.8
EPSS
0.5%
CVE-2019-16746 CRITICAL PATCH Act Now

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel Debian Linux Ubuntu Linux +2
NVD
CVSS 3.1
9.8
EPSS
12.7%
CVE-2019-16713 MEDIUM POC This Month

ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux Leap Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-16712 MEDIUM POC This Month

ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Leap
NVD GitHub
CVSS 3.1
6.5
EPSS
2.6%
CVE-2019-16711 MEDIUM POC This Month

ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Debian Linux Leap Ubuntu Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-16710 MEDIUM POC This Month

ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Debian Linux Leap Ubuntu Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-16709 MEDIUM POC This Month

ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Backports Leap Ubuntu Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
2.8%
CVE-2019-16708 MEDIUM POC This Month

ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux Leap Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-14816 HIGH POC PATCH This Week

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Linux RCE Heap Overflow +39
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2019-14814 HIGH POC PATCH This Week

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Linux RCE Heap Overflow +34
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2019-14821 HIGH PATCH This Week

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Linux Memory Corruption Linux Kernel +27
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2019-11779 MEDIUM This Month

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mosquitto Ubuntu Linux Backports Sle Leap +2
NVD
CVSS 3.1
6.5
EPSS
2.7%
CVE-2019-14835 HIGH POC PATCH This Week

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Linux Kernel Ubuntu Linux Debian Linux +31
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-16239 CRITICAL Act Now

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Openconnect Fedora Debian Linux Ubuntu Linux +1
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2019-5482 CRITICAL PATCH Act Now

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Curl Fedora Leap +14
NVD VulDB
CVSS 3.1
9.8
EPSS
6.9%
CVE-2019-5481 CRITICAL PATCH Act Now

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Curl Fedora Cloud Backup Steelstore +8
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2019-16319 HIGH This Week

In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Leap Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2019-15031 MEDIUM POC PATCH This Month

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel Ubuntu Linux Leap +1
NVD
CVSS 3.1
4.4
EPSS
0.6%
CVE-2019-15030 MEDIUM POC PATCH This Month

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Linux Linux Kernel Ubuntu Linux Leap +1
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2019-16234 MEDIUM PATCH This Month

drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.7).

Null Pointer Dereference Denial Of Service Linux Intel Linux Kernel +2
NVD
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-16233 MEDIUM PATCH This Month

drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.1).

Null Pointer Dereference Denial Of Service Linux Linux Kernel Ubuntu Linux +2
NVD
CVSS 3.1
4.1
EPSS
0.4%
CVE-2019-16232 MEDIUM POC This Month

drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.1). Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Linux Linux Kernel Ubuntu Linux +2
NVD
CVSS 3.1
4.1
EPSS
0.6%
CVE-2019-16231 MEDIUM PATCH This Month

drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.1).

Null Pointer Dereference Denial Of Service Linux Linux Kernel Ubuntu Linux +2
NVD
CVSS 3.1
4.1
EPSS
0.4%
CVE-2019-16167 MEDIUM POC This Month

sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Sysstat Fedora Leap +2
NVD GitHub
CVSS 3.1
5.5
EPSS
1.5%
CVE-2019-9458 HIGH PATCH This Week

In the Android kernel in the video driver there is a use after free due to a race condition. Rated high severity (CVSS 7.0).

Race Condition Denial Of Service Privilege Escalation Google Android +1
NVD
CVSS 3.1
7.0
EPSS
0.2%
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +4
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel +3
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Denial Of Service Integer Overflow Linux +17
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Djvulibre +4
NVD GitHub
EPSS 2% CVSS 4.9
MEDIUM POC This Month

A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Privilege Escalation Denial Of Service +3
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Samba Fedora +1
NVD
EPSS 0% CVSS 4.4
MEDIUM POC PATCH This Month

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Mesa Leap +2
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Linux Privilege Escalation +18
NVD
EPSS 9% CVSS 7.5
HIGH POC This Week

There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Dhcpd Enterprise Linux +17
NVD
EPSS 21% CVSS 7.5
HIGH POC THREAT This Week

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Python +6
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Xen Debian Linux +2
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Privilege Escalation Command Injection Xen +3
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Race Condition Privilege Escalation Xen +3
NVD
EPSS 5% CVSS 7.5
HIGH POC PATCH This Week

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Go Debian Linux +9
NVD GitHub
EPSS 4% CVSS 8.1
HIGH POC PATCH This Week

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Libssh2 +9
NVD GitHub
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption File +5
NVD GitHub
EPSS 64% CVSS 8.8
HIGH POC PATCH THREAT This Week

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Sudo Fedora +13
NVD Exploit-DB
EPSS 3% CVSS 4.7
MEDIUM PATCH This Month

Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +19
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +20
NVD
EPSS 3% CVSS 4.8
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +18
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +20
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +10
NVD
EPSS 4% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +15
NVD
EPSS 3% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 3% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL +8
NVD
EPSS 2% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +5
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +6
NVD
EPSS 2% CVSS 5.4
MEDIUM POC PATCH This Month

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Ncurses +1
NVD
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Ncurses +1
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Gdal Spatial And Graph +4
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libntlm +5
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils +2
NVD
EPSS 3% CVSS 6.5
MEDIUM POC This Month

find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Binutils Leap +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Ansible Engine Debian Linux +3
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Rsyslog v8.1908.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Cisco Rsyslog +3
NVD GitHub
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Rsyslog v8.1908.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Rsyslog +3
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Freerdp Lodepng +1
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Freerdp Leap
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL PATCH Act Now

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel +3
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Libpcap Debian Linux +9
NVD GitHub
EPSS 5% CVSS 7.5
HIGH PATCH This Week

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Tcpdump Mac Os X +8
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Memory Corruption +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Putty Leap
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Linux Linux Kernel +7
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Go +8
NVD GitHub
EPSS 4% CVSS 7.5
HIGH POC PATCH This Week

In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel +16
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Linux Linux Kernel +2
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM This Month

In libvpx, there is a possible information disclosure due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android +4
NVD
EPSS 3% CVSS 6.5
MEDIUM This Month

In libvpx, there is a possible resource exhaustion due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Denial Of Service Android +4
NVD
EPSS 3% CVSS 6.5
MEDIUM This Month

In libvpx, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure +5
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

In libexif, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Integer Overflow Privilege Escalation +6
NVD GitHub
EPSS 5% CVSS 7.5
HIGH This Week

In libvpx, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure +5
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla RCE +6
NVD
EPSS 1% CVSS 6.3
MEDIUM POC This Month

If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mozilla Firefox +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla RCE +4
NVD
EPSS 81% CVSS 6.1
MEDIUM POC PATCH THREAT This Month

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Apache Http Server +9
NVD GitHub Exploit-DB
EPSS 4% CVSS 7.5
HIGH POC PATCH This Week

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Docker Runc +8
NVD GitHub
EPSS 1% CVSS 6.3
MEDIUM This Month

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Ubuntu Linux Leap +1
NVD GitHub
EPSS 1% CVSS 3.8
LOW PATCH Monitor

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Denial Of Service Qemu Ubuntu Linux +1
NVD
EPSS 13% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel +4
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux +2
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM POC This Month

ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Leap
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Debian Linux +2
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Debian Linux +2
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM POC This Month

ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Backports +2
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux +2
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Linux +41
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Linux +36
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Linux +29
NVD
EPSS 3% CVSS 6.5
MEDIUM This Month

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mosquitto Ubuntu Linux +4
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Linux Kernel +33
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Openconnect Fedora +3
NVD
EPSS 7% CVSS 9.8
CRITICAL PATCH Act Now

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Curl +16
NVD VulDB
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Curl Fedora +10
NVD
EPSS 4% CVSS 7.5
HIGH This Week

In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Leap +1
NVD
EPSS 1% CVSS 4.4
MEDIUM POC PATCH This Month

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel +3
NVD
EPSS 0% CVSS 4.4
MEDIUM POC PATCH This Month

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Linux Linux Kernel +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.7).

Null Pointer Dereference Denial Of Service Linux +4
NVD
EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.1).

Null Pointer Dereference Denial Of Service Linux +4
NVD
EPSS 1% CVSS 4.1
MEDIUM POC This Month

drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.1). Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Linux +4
NVD
EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. Rated medium severity (CVSS 4.1).

Null Pointer Dereference Denial Of Service Linux +4
NVD
EPSS 2% CVSS 5.5
MEDIUM POC This Month

sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Sysstat +4
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Android kernel in the video driver there is a use after free due to a race condition. Rated high severity (CVSS 7.0).

Race Condition Denial Of Service Privilege Escalation +3
NVD
Prev Page 9 of 20 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy