CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2019-07-16
Medium
CVE-2019-13616

Vendor: Libsdl
Software: Libsdl
 

 
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.

 
Medium
CVE-2019-13618

Vendor: GPAC
Software: GPAC
 

 
In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c.

 
2019-07-14
Low
CVE-2019-1010004

Vendor: Soundexchange
Software: Sound exchange
 

 
SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: read_samples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189.

 
2019-07-10
Medium
CVE-2019-13503

Vendor: Cesanta
Software: Mongoose
 

 
mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read.

 
Low
CVE-2019-13504

Vendor: Exiv2
Software: Exiv2
 

 
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.

 
2019-07-09
Medium
CVE-2019-13470

Vendor: Matrixssl
Software: Matrixssl
 

 
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.

 
2019-07-08
Medium
CVE-2019-2116

Vendor: Google
Software: Android
 

 
In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117105007.

 
2019-07-07
Medium
CVE-2019-13391

Vendor: Imagemagick
Software: Imagemagick
 

 
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.

 
2019-07-04
Medium
CVE-2019-13282

Vendor: Glyphandcog
Software: Xpdfreader
 

 
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.

 
Low
CVE-2019-13286

Vendor: Glyphandcog
Software: Xpdfreader
 

 
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top