-
CVE-2019-11839
•
published on May 9, 2019
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
-
CVE-2019-11838
•
published on May 9, 2019
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling.
-
CVE-2019-11838
•
published on May 9, 2019
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling.
-
CVE-2019-11838
•
published on May 9, 2019
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling.
-
CVE-2019-11837
•
published on May 9, 2019
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
-
CVE-2019-11837
•
published on May 9, 2019
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
-
CVE-2019-11837
•
published on May 9, 2019
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c.
-
CVE-2019-11836
•
published on May 9, 2019
The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout.
-
CVE-2019-11836
•
published on May 9, 2019
The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout.
-
CVE-2019-11836
•
published on May 9, 2019
The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout.
-
CVE-2019-11820
•
published on May 9, 2019
Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline.
-
CVE-2019-11820
•
published on May 9, 2019
Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline.
-
CVE-2019-11820
•
published on May 9, 2019
Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline.
-
CVE-2019-11835
•
published on May 9, 2019
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
-
CVE-2019-11835
•
published on May 9, 2019
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
-
CVE-2019-11835
•
published on May 9, 2019
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
-
CVE-2019-11834
•
published on May 9, 2019
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
-
CVE-2019-11834
•
published on May 9, 2019
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
-
CVE-2019-11834
•
published on May 9, 2019
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
-
CVE-2019-11832
•
published on May 9, 2019
TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.