Total
2860 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13655 | 1 Imgix | 1 Imgix | 2024-08-04 | N/A |
| Imgix through 2019-06-19 allows remote attackers to cause a denial of service (resource consumption) by manipulating a small JPEG file to specify dimensions of 64250x64250 pixels, which is mishandled during an attempt to load the 'whole image' into memory. | ||||
| CVE-2019-13648 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-08-04 | 5.5 Medium |
| In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c. | ||||
| CVE-2019-13555 | 1 Mitsubishielectric | 20 L02\/06\/26cpu, L02\/06\/26cpu-cm, L02\/06\/26cpu-cm Firmware and 17 more | 2024-08-04 | 5.9 Medium |
| In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and prior, MELSEC-L Series L02/06/26CPU, L26CPU-BT: serial number 21101 and prior, L02/06/26CPU-P, L26CPU-PBT: serial number 21101 and prior, and L02/06/26CPU-CM, L26CPU-BT-CM: serial number 21101 and prior, a remote attacker can cause the FTP service to enter a denial-of-service condition dependent on the timing at which a remote attacker connects to the FTP server on the above CPU modules. | ||||
| CVE-2019-13301 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error. | ||||
| CVE-2019-13296 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. | ||||
| CVE-2019-13311 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. | ||||
| CVE-2019-13309 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. | ||||
| CVE-2019-13310 | 4 Canonical, Imagemagick, Opensuse and 1 more | 4 Ubuntu Linux, Imagemagick, Leap and 1 more | 2024-08-04 | 6.5 Medium |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. | ||||
| CVE-2019-13225 | 3 Fedoraproject, Oniguruma Project, Redhat | 3 Fedora, Oniguruma, Enterprise Linux | 2024-08-04 | 6.5 Medium |
| A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. | ||||
| CVE-2019-13232 | 3 Debian, Redhat, Unzip Project | 4 Debian Linux, Enterprise Linux, Rhel Eus and 1 more | 2024-08-04 | 3.3 Low |
| Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue. | ||||
| CVE-2019-13108 | 2 Exiv2, Fedoraproject | 2 Exiv2, Fedora | 2024-08-04 | 6.5 Medium |
| An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. | ||||
| CVE-2019-13109 | 3 Exiv2, Fedoraproject, Redhat | 3 Exiv2, Fedora, Enterprise Linux | 2024-08-04 | 6.5 Medium |
| An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction. | ||||
| CVE-2019-13110 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-08-04 | 6.5 Medium |
| A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file. | ||||
| CVE-2019-13111 | 3 Exiv2, Fedoraproject, Redhat | 3 Exiv2, Fedora, Enterprise Linux | 2024-08-04 | 5.5 Medium |
| A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file. | ||||
| CVE-2019-13112 | 5 Canonical, Debian, Exiv2 and 2 more | 5 Ubuntu Linux, Debian Linux, Exiv2 and 2 more | 2024-08-04 | 6.5 Medium |
| A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file. | ||||
| CVE-2019-13009 | 1 Gitlab | 1 Gitlab | 2024-08-04 | 6.5 Medium |
| An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. Uploaded files associated with unsaved personal snippets were accessible to unauthorized users due to improper permission settings. It has Incorrect Access Control. | ||||
| CVE-2019-13007 | 1 Gitlab | 1 Gitlab | 2024-08-04 | 4.9 Medium |
| An issue was discovered in GitLab Community and Enterprise Edition 11.11 through 12.0.2. When an admin enabled one of the service templates, it was triggering an action that leads to resource depletion. It allows Uncontrolled Resource Consumption. | ||||
| CVE-2019-12984 | 1 Linux | 1 Linux Kernel | 2024-08-04 | N/A |
| A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service. | ||||
| CVE-2019-12975 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-04 | 5.5 Medium |
| ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. | ||||
| CVE-2019-13003 | 1 Gitlab | 1 Gitlab | 2024-08-04 | 7.5 High |
| An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by Gilab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption. | ||||