Vulnerability & Exploit Database

Displaying entries 11 - 20 of 143662 in total

Alpine Linux: CVE-2019-3871: pdns Insufficient validation in the HTTP remote backend Vulnerability

  • Severity: 4
  • Published: March 21, 2019

A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoin...

Alpine Linux: CVE-2019-3862: libssh2 Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: March 21, 2019

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Alpine Linux: CVE-2019-3859: libssh2 Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: March 21, 2019

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Alpine Linux: CVE-2019-3858: libssh2 Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: March 21, 2019

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Alpine Linux: CVE-2019-3855: libssh2 Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: March 21, 2019

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

SUSE: CVE-2019-3859: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: March 20, 2019

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From SUSE_CVE-2019-3859:

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur...