xqx12

57 exploits Active since Jul 2018
CVE-2018-20098 WRITEUP MEDIUM WRITEUP
Exiv2 <0.27-RC3 - Buffer Overflow
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
CVSS 6.5
CVE-2018-20099 WRITEUP MEDIUM WRITEUP
Exiv2 <0.27-RC3 - DoS
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
CVSS 6.5
CVE-2019-11638 WRITEUP MEDIUM WRITEUP
GNU recutils <1.8 - Memory Corruption
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a, leading to a crash.
CVSS 6.5
CVE-2019-11639 WRITEUP HIGH WRITEUP
GNU recutils <1.8 - Buffer Overflow
An issue was discovered in GNU recutils 1.8. There is a stack-based buffer overflow in the function rec_type_check_enum at rec-types.c in librec.a.
CVSS 8.8
CVE-2019-14288 WRITEUP HIGH WRITEUP
Xpdf 4.01.01 - Memory Corruption
An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.
CVSS 7.8
CVE-2019-14289 WRITEUP MEDIUM WRITEUP
Xpdf 4.01.01 - Buffer Overflow
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.
CVSS 5.5
CVE-2019-14290 WRITEUP MEDIUM WRITEUP
Xpdf <4.01.01 - Info Disclosure
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2.
CVSS 5.5
CVE-2019-14291 WRITEUP MEDIUM WRITEUP
Xpdf <4.01.01 - Info Disclosure
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3.
CVSS 5.5
CVE-2019-14293 WRITEUP MEDIUM WRITEUP
Xpdf <4.01.01 - Info Disclosure
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2.
CVSS 5.5
CVE-2019-14294 WRITEUP MEDIUM WRITEUP
Xpdf 4.01.01 - Use After Free
An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.
CVSS 5.5
CVE-2019-16224 WRITEUP CRITICAL WRITEUP
py-lmdb <0.97 - Memory Corruption
An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
CVSS 9.8
CVE-2019-16225 WRITEUP CRITICAL WRITEUP
py-lmdb <0.97 - Memory Corruption
An issue was discovered in py-lmdb 0.97. For certain values of mp_flags, mdb_page_touch does not properly set up mc->mc_pg[mc->top], leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
CVSS 9.8
CVE-2019-16226 WRITEUP HIGH WRITEUP
py-lmdb <0.97 - Memory Corruption
An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
CVSS 7.5
CVE-2019-16227 WRITEUP CRITICAL WRITEUP
py-lmdb <0.97 - Memory Corruption
An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
CVSS 9.8
CVE-2019-17530 WRITEUP HIGH WRITEUP
Axiosys Bento4 - Out-of-Bounds Read
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
CVSS 7.8
CVE-2019-3573 WRITEUP MEDIUM WRITEUP
Libsixel - Infinite Loop
In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png.
CVSS 5.5
CVE-2019-3574 WRITEUP HIGH WRITEUP
Libsixel - Out-of-Bounds Read
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.
CVSS 7.8
CVE-2019-6455 WRITEUP MEDIUM WRITEUP
GNU Recutils - Double Free
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.
CVSS 6.5
CVE-2019-6456 WRITEUP MEDIUM WRITEUP
GNU Recutils - NULL Pointer Dereference
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a.
CVSS 6.5
CVE-2019-6457 WRITEUP MEDIUM WRITEUP
GNU Recutils - Memory Leak
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
CVSS 6.5
CVE-2019-6458 WRITEUP MEDIUM WRITEUP
GNU Recutils - Memory Leak
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a.
CVSS 6.5
CVE-2019-6460 WRITEUP MEDIUM WRITEUP
GNU Recutils - NULL Pointer Dereference
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a.
CVSS 6.5
CVE-2019-6461 WRITEUP MEDIUM WRITEUP
Cairo - Reachable Assertion
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
CVSS 6.5
CVE-2019-9027 WRITEUP HIGH WRITEUP
Matio - Out-of-Bounds Write
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow problem in the function ReadNextCell() in mat5.c.
CVSS 7.5
CVE-2019-9028 WRITEUP CRITICAL WRITEUP
Matio - Out-of-Bounds Read
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions() in inflate.c when called from ReadNextCell in mat5.c.
CVSS 9.1