How severe is CVE-2019-5087?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2019-5087?

This is classified as CWE-680, which is a common weakness in software security.

CVE-2019-5087

HIGH Year: 2019

CVSS v3 Score

8.8

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-680

View all →

Vulnerability Description

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file.

CVE-2020-10929

HIGH

CVSS:8.8(High)

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vuln...

CWE-6802020

CVE-2020-6099

HIGH

CVSS:8.8(High)

An exploitable code execution vulnerability exists in the file format parsing functionality of Graphisoft BIMx Desktop Viewer 2019.2.2328. A specially crafted file can cause a heap buffer overflow res...

CWE-6802020

CVE-2020-6116

HIGH

CVSS:8.8(High)

An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colors...

CWE-6802020

CVE-2021-21834

HIGH

CVSS:8.8(High)

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the...

CWE-6802021