Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4289 | 1 Gmer | 1 Gmer | 2019-11-01 | 2.1 LOW | 5.5 MEDIUM |
| A stack based buffer overflow vulnerability exists in the method receiving data from SysTreeView32 control of the GMER 2.1.19357 application. A specially created long path can lead to a buffer overflow on the stack resulting in code execution. An attacker needs to create path longer than 99 characters to trigger this vulnerability. | |||||
| CVE-2019-17139 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2019-10-28 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Javascript in the HTML2PDF plugin. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8692. | |||||
| CVE-2019-17144 | 1 Foxitsoftware | 1 Phantompdf | 2019-10-28 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DWG files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9274. | |||||
| CVE-2019-17145 | 1 Foxitsoftware | 1 Phantompdf | 2019-10-28 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9276. | |||||
| CVE-2019-16265 | 1 Codesys | 2 Codesys, Eni Server | 2019-10-28 | 7.5 HIGH | 9.8 CRITICAL |
| CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. | |||||
| CVE-2019-13545 | 1 Hornerautomation | 1 Cscape | 2019-10-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution. | |||||
| CVE-2019-2184 | 1 Google | 1 Android | 2019-10-16 | 9.3 HIGH | 8.8 HIGH |
| In PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-134578122 | |||||
| CVE-2019-2185 | 1 Google | 1 Android | 2019-10-16 | 9.3 HIGH | 8.8 HIGH |
| In VlcDequantH263IntraBlock_SH of vlc_dequant.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-136173699 | |||||
| CVE-2019-2186 | 1 Google | 1 Android | 2019-10-16 | 9.3 HIGH | 8.8 HIGH |
| In GetMBheader of combined_decode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-136175447 | |||||
| CVE-2019-17256 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203. | |||||
| CVE-2019-17242 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 4.6 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f. | |||||
| CVE-2019-17245 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 4.6 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0000000000004359. | |||||
| CVE-2019-17241 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 4.6 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563. | |||||
| CVE-2019-17259 | 1 Kmplayer | 1 Kmplayer | 2019-10-10 | 4.6 MEDIUM | 7.8 HIGH |
| KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee. | |||||
| CVE-2019-17258 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c. | |||||
| CVE-2019-17261 | 1 Xnview | 1 Xnview | 2019-10-10 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51. | |||||
| CVE-2019-17262 | 1 Xnview | 1 Xnview | 2019-10-10 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0. | |||||
| CVE-2019-17248 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000025b6. | |||||
| CVE-2019-17255 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836. | |||||
| CVE-2019-17250 | 1 Irfanview | 1 Irfanview | 2019-10-10 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000042f5. | |||||