CVE-2019-15149
core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected.
Source: CVE-2019-15149
[월:] 2019년 08월
CVE-2019-15147
CVE-2019-15147
GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c.
Source: CVE-2019-15147
CVE-2019-15148
CVE-2019-15148
GoPro GPMF-parser 1.2.2 has an out-of-bounds write in OpenMP4Source in demo/GPMF_mp4reader.c.
Source: CVE-2019-15148
CVE-2019-15145
CVE-2019-15145
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
Source: CVE-2019-15145
CVE-2019-15146
CVE-2019-15146
GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c.
Source: CVE-2019-15146
CVE-2019-15139
CVE-2019-15139
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
Source: CVE-2019-15139
CVE-2019-15140
CVE-2019-15140
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Source: CVE-2019-15140
CVE-2019-15144
CVE-2019-15144
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.
Source: CVE-2019-15144
CVE-2019-15143
CVE-2019-15143
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
Source: CVE-2019-15143
CVE-2019-15142
CVE-2019-15142
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
Source: CVE-2019-15142