The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of MWG

systemd: memory corruption via alloca
An attacker can trigger a memory corruption via alloca() of systemd, in order to trigger a denial of service, and possibly to run code...
cpuapr2019, CVE-2018-16864, CVE-2018-16865, DLA-1639-1, DSA-4367-1, DSA-4367-2, openSUSE-SU-2019:0097-1, openSUSE-SU-2019:0098-1, RHSA-2019:0049-01, RHSA-2019:0204-01, RHSA-2019:2402-01, SB10276, SUSE-SU-2019:0053-1, SUSE-SU-2019:0054-1, SUSE-SU-2019:0054-2, SUSE-SU-2019:0135-1, SUSE-SU-2019:0137-1, USN-3855-1, VIGILANCE-VUL-28232
systemd: out-of-bounds memory reading via Colon Log Messages
An attacker can force a read at an invalid address via Colon Log Messages of systemd, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2018-16866, DSA-4367-1, DSA-4367-2, openSUSE-SU-2019:0097-1, openSUSE-SU-2019:0098-1, RHSA-2019:2091-01, RHSA-2019:3222-01, RHSA-2020:0593-01, RHSA-2020:1264-01, SUSE-SU-2019:0135-1, SUSE-SU-2019:0137-1, USN-3855-1, VIGILANCE-VUL-28257
glibc: out-of-bounds memory reading via proceed_next_node
An attacker can force a read at an invalid address via proceed_next_node() of glibc, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2019-9169, DSA-2019-148, DSA-2019-149, K54823184, SB10278, SSB-439005, SUSE-SU-2019:1102-1, SUSE-SU-2019:14084-1, SUSE-SU-2019:1877-1, SUSE-SU-2019:1958-1, SUSE-SU-2019:1958-2, USN-4416-1, VIGILANCE-VUL-28995
Python urllib: file reading via Blacklist Bypass
A local attacker can read a file via Blacklist Bypass of Python urllib, in order to obtain sensitive information...
1102875, 35907, bulletinjul2019, CVE-2019-9948, DLA-1834-1, DLA-1852-1, DLA-2280-1, DLA-2337-1, DSA-2019-131, openSUSE-SU-2019:1273-1, openSUSE-SU-2019:1282-1, openSUSE-SU-2019:1580-1, RHSA-2019:1700-01, RHSA-2019:2030-01, RHSA-2019:3335-01, RHSA-2019:3520-01, RHSA-2020:1268-01, RHSA-2020:1346-01, RHSA-2020:1462-01, SSA:2019-293-01, SUSE-SU-2019:0972-1, SUSE-SU-2019:14018-1, SUSE-SU-2019:1439-1, SUSE-SU-2020:0234-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28848
Python urllib2: information disclosure via CRLF Injection HTTP/Redis
An attacker can bypass access restrictions to data via CRLF Injection HTTP/Redis of Python urllib2, in order to obtain sensitive information...
1102875, 35906, bulletinjul2019, CVE-2019-9947, DLA-1834-1, DLA-1835-1, DLA-1835-2, DLA-2280-1, DLA-2337-1, FEDORA-2019-1ffd6b6064, openSUSE-SU-2019:2389-1, openSUSE-SU-2019:2393-1, openSUSE-SU-2020:0086-1, RHSA-2019:2030-01, RHSA-2019:3335-01, RHSA-2019:3520-01, RHSA-2019:3725-01, RHSA-2020:1268-01, RHSA-2020:1346-01, RHSA-2020:1462-01, SUSE-SU-2019:1352-1, SUSE-SU-2019:1352-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, SUSE-SU-2020:0302-1, SUSE-SU-2020:2699-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28847
Python urllib2: information disclosure via CRLF Injection
An attacker can bypass access restrictions to data via CRLF Injection of Python urllib2, in order to obtain sensitive information...
36276, bulletinjul2019, CVE-2019-9740, DLA-1834-1, DLA-1835-1, DLA-1835-2, DLA-2280-1, DLA-2337-1, FEDORA-2019-1ffd6b6064, openSUSE-SU-2019:2131-1, openSUSE-SU-2019:2133-1, RHSA-2019:2030-01, RHSA-2019:3335-01, RHSA-2019:3520-01, RHSA-2019:3725-01, RHSA-2020:1268-01, RHSA-2020:1346-01, RHSA-2020:1462-01, SSA:2019-293-01, SUSE-SU-2019:2331-1, SUSE-SU-2019:2332-1, SUSE-SU-2019:2370-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28846
libjpeg-turbo: out-of-bounds memory reading via get_8bit_row
An attacker can force a read at an invalid address via get_8bit_row() of libjpeg-turbo, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2018-14498, DLA-1719-1, DLA-2302-1, openSUSE-SU-2019:1118-1, openSUSE-SU-2019:1343-1, RHSA-2019:2052-01, RHSA-2019:3705-01, SUSE-SU-2019:0711-1, SUSE-SU-2019:1111-1, SUSE-SU-2019:14069-1, USN-4190-1, VIGILANCE-VUL-28765
OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle
An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information...
1170328, bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-1559, DLA-1701-1, DSA-2019-201, DSA-2020-062, DSA-2020-072, DSA-4400-1, FEDORA-2019-00c25b9379, ibm10876638, ibm10886237, ibm10886659, JSA10949, JSA10993, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, PAN-SA-2019-0039, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600
systemd: buffer overflow via D-Bus Message
An attacker can trigger a buffer overflow via D-Bus Message of systemd, in order to trigger a denial of service, and possibly to run code...
CVE-2019-6454, DLA-1684-1, DSA-4393-1, openSUSE-SU-2019:0255-1, openSUSE-SU-2019:0268-1, openSUSE-SU-2019:1450-1, RHSA-2019:0368-01, RHSA-2019:1322-01, RHSA-2019:1502-01, RHSA-2019:2805-01, SB10278, SUSE-SU-2019:0424-1, SUSE-SU-2019:0425-1, SUSE-SU-2019:0426-1, SUSE-SU-2019:0428-1, SUSE-SU-2019:1265-1, SUSE-SU-2019:1364-1, SUSE-SU-2019:1364-2, USN-3891-1, VIGILANCE-VUL-28537
RHEL 7: assertion error via Bind Debug Log Level
An attacker can force an assertion error via Bind Debug Log Level of RHEL 7, in order to trigger a denial of service...
CVE-2018-5742, RHBUG-1655844, RHSA-2019:0194-01, SB10278, VIGILANCE-VUL-28403
Our database contains other pages. You can request a free trial to read them.

Display information about MWG: