Export limit exceeded: 20571 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20571 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-6187 | 1 Lenovo | 42 Thinksystem Sr670, Thinkagile 7d1h, Thinkagile 7x82 and 39 more | 2024-11-21 | 6.5 Medium |
| A stored CSV Injection vulnerability was reported in Lenovo XClarity Controller (XCC) that could allow an administrative or other appropriately permissioned user to store malformed data in certain XCC server informational fields, that could result in crafted formulas being stored in an exported CSV file. The crafted formula is not executed on XCC itself and has no effect on the server. | ||||
| CVE-2019-6182 | 1 Lenovo | 1 Xclarity Administrator | 2024-11-21 | 4.9 Medium |
| A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to store malformed data in LXCA Jobs and Event Log data, that could result in crafted formulas stored in an exported CSV file. The crafted formula is not executed on LXCA itself. | ||||
| CVE-2019-5881 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 8.1 High |
| Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||||
| CVE-2019-5867 | 1 Google | 1 Chrome | 2024-11-21 | 6.5 Medium |
| Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-5849 | 1 Google | 1 Chrome | 2024-11-21 | 8.1 High |
| Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||||
| CVE-2019-5835 | 4 Fedoraproject, Google, Opensuse and 1 more | 5 Fedora, Chrome, Backports and 2 more | 2024-11-21 | 6.5 Medium |
| Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||||
| CVE-2019-5827 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2024-11-21 | 8.8 High |
| Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-5798 | 6 Canonical, Debian, Google and 3 more | 8 Ubuntu Linux, Debian Linux, Chrome and 5 more | 2024-11-21 | 6.5 Medium |
| Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||||
| CVE-2019-5791 | 3 Google, Opensuse, Redhat | 4 Chrome, Backports, Leap and 1 more | 2024-11-21 | 8.8 High |
| Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||||
| CVE-2019-5782 | 4 Debian, Fedoraproject, Google and 1 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2024-11-21 | N/A |
| Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | ||||
| CVE-2019-5770 | 4 Debian, Fedoraproject, Google and 1 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2024-11-21 | N/A |
| Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||||
| CVE-2019-5718 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check. | ||||
| CVE-2019-5698 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.4 Medium |
| NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service. | ||||
| CVE-2019-5692 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service. | ||||
| CVE-2019-5677 | 1 Nvidia | 1 Gpu Driver | 2024-11-21 | N/A |
| NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service. | ||||
| CVE-2019-5666 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | N/A |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) create context command DDI DxgkDdiCreateContext in which the product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2019-5621 | 1 Abbs Software Audio Media Player Project | 1 Abbs Software Audio Media Player | 2024-11-21 | 7.8 High |
| ABBS Software Audio Media Player version 3.1 suffers from an instance of CWE-121: Stack-based Buffer Overflow. | ||||
| CVE-2019-5619 | 1 Aasync | 1 Aasync | 2024-11-21 | 9.8 Critical |
| AASync.com AASync version 2.2.1.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow. | ||||
| CVE-2019-5618 | 2 A-pdf, Microsoft | 2 Wav To Mp3, Windows | 2024-11-21 | 7.8 High |
| A-PDF WAV to MP3 version 1.0.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow. | ||||
| CVE-2019-5610 | 2 Freebsd, Netapp | 2 Freebsd, Clustered Data Ontap | 2024-11-21 | 7.5 High |
| In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service. | ||||