The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-20126 | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. | LOW | Dec 25, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2018-20216 | QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). | MEDIUM | Dec 25, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2018-20699 | Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. | MEDIUM | Jan 11, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-6128 | The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | MEDIUM | Jan 11, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-6133 | In PolicyKit (aka polkit) 0.115, the start time protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. | MEDIUM | Jan 11, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-6461 | An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c. | Medium | Jan 18, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-6462 | An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized. | Medium | Jan 18, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-6706 | Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships. | Medium | Jan 26, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-7282 | In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. | MEDIUM | Jan 31, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-7283 | An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111. | MEDIUM | Jan 31, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-7314 | liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact. | High | Feb 4, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3813 | Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. | Medium | Feb 5, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3832 | It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash. | LOW | Feb 5, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-6116 | In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. | MEDIUM | Feb 5, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-6978 | The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected. | High | Feb 5, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-7309 | In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled. | Low | Feb 6, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-7663 | An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900. | MEDIUM | Feb 9, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-5736 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | HIGH | Feb 13, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2016-10742 | Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter. | Medium | Mar 13, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-9071 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. | Medium | Mar 15, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-9073 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c. | Medium | Mar 15, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-9074 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. | Medium | Mar 15, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-9075 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. | Medium | Mar 15, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-9077 | An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. | Medium | Mar 15, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-9741 | An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \\r\\n followed by an HTTP header or a Redis command. | Medium | Mar 21, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2018-16838 | A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access. | MEDIUM | Mar 25, 2019 | 10.19.45.6 (Wind River Linux LTS 19) |
CVE-2009-5155 | In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | Medium | Mar 25, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3835 | It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. | MEDIUM | Mar 26, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3838 | It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. | MEDIUM | Mar 26, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3812 | QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host. | Low | Mar 27, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3814 | It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users. | Medium | Mar 28, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3858 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. | Medium | Mar 28, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3859 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. | Medium | Mar 28, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3860 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. | Medium | Mar 28, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3861 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. | Medium | Mar 28, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-3862 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. | Medium | Mar 28, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12449 | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file\'s user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable. | High | May 29, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12448 | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn\'t implement query_info_on_read/write. | Medium | May 29, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12447 | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. | High | May 29, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-10143 | It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated there is simply no way for anyone to gain privileges through this alleged issue. | Medium | May 29, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12455 | An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because “The memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.” | Medium | Jun 9, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12454 | An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn\'t NUL-terminated, which is not the case | High | Jun 9, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-10160 | A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application. | Medium | Jun 11, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12450 | file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. | High | Jun 11, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12456 | An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a double fetch vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used | High | Jun 13, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-10126 | A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences. | High | Jun 17, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | High | Jun 24, 2019 | 10.19.45.6 (Wind River Linux LTS 19) |
CVE-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing \'\\0\' character. | Medium | Jun 27, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2017-12652 | libpng before 1.6.32 does not properly check the length of chunks against the user limit. | HIGH | Jul 10, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |
CVE-2019-13616 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | Medium | Jul 17, 2019 | 10.19.45.1 (Wind River Linux LTS 19) |