Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2019-1105 | Outlook for Android Spoofing Vulnerability | 2019-06-11T07:00:00.000Z | 2019-06-20T07:00:00.000Z |
| msrc_cve-2015-8100 | The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf which allows local users to obtain sensitive community information by reading this file. | 2015-11-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication obtain sensitive information or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c which trigger an "Off-by-two" or "Out of bounds overwrite" memory error. | 2015-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2016-10739 | In the GNU C Library (aka glibc or libc6) through 2.28 the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters which could lead applications to incorrectly assume that it had parsed a valid string without the possibility of embedded HTTP headers or other potentially dangerous substrings. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2016-3189 | Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file related to block ends set to before the start of the block. | 2016-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-10896 | The default cloud-init configuration in cloud-init 0.6.2 and newer included "ssh_deletekeys: 0" disabling cloud-init's deletion of ssh host keys. In some environments this could lead to instances created by cloning a golden master or template system sharing ssh host keys and being able to impersonate one another or conduct man-in-the-middle attacks. | 2018-08-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15686 | systemd: reexec state injection: fgets() on overlong lines leads to line splitting | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15687 | systemd: chown_one() can dereference symlinks | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15688 | Out-of-Bounds write in systemd-networkd dhcpv6 option handling | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16864 | An allocation of memory without limits that could result in the stack clashing with another memory region was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16865 | An allocation of memory without limits that could result in the stack clashing with another memory region was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker or a remote one if systemd-journal-remote is used may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16866 | An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19591 | In the GNU C Library (aka glibc or libc6) through 2.28 attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19665 | The Bluetooth subsystem in QEMU mishandles negative values for length variables leading to memory corruption. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19876 | cairo 1.16.0 in cairo_ft_apply_variations() in cairo-ft-font.c would free memory using a free function incompatible with WebKit's fastMalloc leading to an application crash with a "free(): invalid pointer" error. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-20796 | In the GNU C Library (aka glibc or libc6) through 2.29 check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep. | 2019-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-20843 | In libexpat in Expat before 2.2.7 XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-12439 | bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR) a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code. | 2019-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-13012 | The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir NULL NULL) and files using g_file_replace_contents (kfsb->file contents length NULL FALSE G_FILE_CREATE_REPLACE_DESTINATION NULL NULL NULL). Consequently it does not properly restrict directory (and file) permissions. Instead for directories 0777 permissions are used; for files default file permissions are used. This is similar to CVE-2019-12450. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14250 | An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file as demonstrated by readelf. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14834 | A vulnerability was found in dnsmasq before version 2.81 where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. | 2020-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-15847 | The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example within a single execution of a program the output of every __builtin_darn() call may be the same. | 2019-09-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-17450 | find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-17451 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c as demonstrated by nm. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-18276 | An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default if Bash is run with its effective UID not equal to its real UID it will drop privileges by setting its effective UID to its real UID. However it does so incorrectly. On Linux and other systems that support "saved UID" functionality the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin which can be a shared object that calls setuid() and therefore regains privileges. However binaries running with an effective UID of 0 are unaffected. | 2019-11-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20175 | An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 (the size of a sector). NOTE: a member of the QEMU security team disputes the significance of this issue because a "privileged guest user has many ways to cause similar DoS effect without triggering this assert. | 2019-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20386 | An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command a memory leak may occur. | 2020-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20388 | xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. | 2020-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |