CVE-2019-6443

An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.

Source: CVE-2019-6443

CVE-2019-6445

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.

Source: CVE-2019-6445

CVE-2019-6444

An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.

Source: CVE-2019-6444

CVE-2019-6442

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.

Source: CVE-2019-6442

CVE-2019-6440

Zemana AntiMalware before 3.0.658 Beta mishandles update logic.

Source: CVE-2019-6440

CVE-2016-10737

Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.

Source: CVE-2016-10737

CVE-2016-10738

Zenbership v107 has CSRF via admin/cp-functions/event-add.php.

Source: CVE-2016-10738

CVE-2019-6439

examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.

Source: CVE-2019-6439

CVE-2018-20720

ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1.3 before 1.3.0.A6 allow remote attackers to cause a denial of service (reboot) via a reboot command in an SPA message.

Source: CVE-2018-20720

CVE-2019-3554

Wangle’s AcceptRoutingHandler incorrectly casts a socket when accepting a TLS 1.3 connection, leading to a potential denial of service attack against systems accepting such connections. This affects versions of Wangle prior to v2019.01.14.00

Source: CVE-2019-3554