Security
Headlines
HeadlinesLatestCVEs

Tag

#perl

CVE-2019-15232

Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.

CVE
#vulnerability#web#ios#android#mac#windows#apple#linux#debian#cisco#dos#intel#c++#perl#buffer_overflow#huawei#auth#ssh#sap#ssl
CVE-2019-15222

An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.

CVE-2019-15216

An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

CVE-2019-15218

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

CVE-2019-15221

An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.

CVE-2016-10894: #830726 - xtrlock: CVE-2016-10894: xtrlock does not block multitouch events

xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to (and thus control) various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks (by depressing the touchpad once and then clicking with a different finger).

CVE-2019-15107: Offensive Security’s Exploit Database Archive

An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.

CVE-2019-13418: CVE - advisory - Search Guard

Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized.