CVE-2019-16162
Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c.
Source: CVE-2019-16162
[월:] 2019년 09월
CVE-2019-16163
CVE-2019-16163
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.
Source: CVE-2019-16163
CVE-2019-16164
CVE-2019-16164
MyHTML through 4.0.5 has a NULL pointer dereference in myhtml_tree_node_remove in tree.c.
Source: CVE-2019-16164
CVE-2019-16165
CVE-2019-16165
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c.
Source: CVE-2019-16165
CVE-2019-16166
CVE-2019-16166
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
Source: CVE-2019-16166
CVE-2019-16167
CVE-2019-16167
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
Source: CVE-2019-16167
CVE-2019-16168
CVE-2019-16168
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
Source: CVE-2019-16168
CVE-2019-16161
CVE-2019-16161
Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code_to_str because of fetch_token in regparse.c.
Source: CVE-2019-16161
CVE-2019-16159
CVE-2019-16159
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon’s support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed.
Source: CVE-2019-16159
CVE-2019-12464
CVE-2019-12464
An issue was discovered in LibreNMS 1.50.1. An authenticated user can perform a directory traversal attack against the /pdf.php file with a partial filename in the report parameter, to cause local file inclusion resulting in code execution.
Source: CVE-2019-12464