| 2019-07-17 | CVE-2019-13619 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. | 7.5 |
| 2019-07-17 | CVE-2019-13272 | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). | 7.8 |
| 2019-07-16 | CVE-2019-13115 | Integer Overflow or Wraparound vulnerability in multiple products
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. | 8.1 |
| 2019-07-16 | CVE-2019-10191 | A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol. | 7.5 |
| 2019-07-16 | CVE-2019-10190 | A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. | 7.5 |
| 2019-07-16 | CVE-2019-13616 | Out-of-bounds Read vulnerability in multiple products
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | 8.1 |
| 2019-07-16 | CVE-2019-1010057 | Out-of-bounds Write vulnerability in multiple products
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. | 7.8 |
| 2019-07-11 | CVE-2019-12527 | Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 4.0.23 through 4.7. | 8.8 |
| 2019-07-05 | CVE-2019-13313 | Information Exposure vulnerability in multiple products
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. | 7.8 |
| 2019-07-04 | CVE-2019-13283 | Out-of-bounds Read vulnerability in multiple products
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. | 7.8 |