• git://
#Vulnerabilities 3853
Date Id Summary Products Score Patch Annotated
2019-03-11 CVE-2019-9656 An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump. Ubuntu_linux, Debian_linux, Libofx 8.8
2019-03-21 CVE-2018-18898 The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. Request_tracker, Ubuntu_linux, Debian_linux, Fedora 7.5
2019-03-21 CVE-2018-20669 An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation. Ubuntu_linux, Linux_kernel, Cn1610_firmware, Hci_management_node, Snapprotect, Solidfire 7.8
2019-07-31 CVE-2019-14464 XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. Ubuntu_linux, Debian_linux, Fedora, Milkytracker 5.5
2019-08-01 CVE-2019-14496 LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. Ubuntu_linux, Debian_linux, Milkytracker 7.8
2019-08-01 CVE-2019-14497 ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow. Ubuntu_linux, Debian_linux, Milkytracker 7.8
2019-10-18 CVE-2019-18198 In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753. Ubuntu_linux, Linux_kernel 7.8
2019-10-22 CVE-2019-15587 In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. Ubuntu_linux, Debian_linux, Fedora, Loofah 5.4
2019-11-07 CVE-2019-18813 A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8. Ubuntu_linux, Linux_kernel 7.5
2019-11-18 CVE-2019-19044 Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. Brocade_fabric_operating_system_firmware, Ubuntu_linux, Linux_kernel, Active_iq_unified_manager, Aff_baseboard_management_controller, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Fas\/aff_baseboard_management_controller, Hci_baseboard_management_controller, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 7.5