CVE-2019-9748
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-9748
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompress_nlabel in mdns.c and a crash of the server (depending on the memory protection of the CPU and the operating system), or disclosure of memory content via error messages or a server response. NOTE: the product's web site states "This project is un-maintained, and has been since 2013. ... There are known vulnerabilities ... You are advised to NOT use this library for any new projects / products."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
tinysvcmdns 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
tinysvcmdns是一个用于服务的组播DNS响应库。 tinysvcmdns 2018-01-16及之前版本中存在安全漏洞。攻击者可借助特制的数据包利用该漏洞造成服务器崩溃或通过错误信息或服务器响应泄露内存内容。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2019-9748
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-9748
Please Login to view more intelligence information
Same Patch Batch · n/a · 2019-03-13 · 18 CVEs total
| CVE-2019-9746 | libwebm 安全漏洞 | |
| CVE-2019-9738 | jimmykuu Gopher 跨站脚本漏洞 | |
| CVE-2019-9737 | Editor.md 跨站脚本漏洞 | |
| CVE-2019-9736 | 1024Tools Markdown 跨站脚本漏洞 | |
| CVE-2019-9735 | OpenStack Neutron 安全特征问题漏洞 | |
| CVE-2019-9740 | Python 注入漏洞 | |
| CVE-2019-9741 | Google Go 注入漏洞 | |
| CVE-2018-20621 | Microvirt MEmu 权限许可和访问控制漏洞 | |
| CVE-2019-9742 | G DATA Software Total Security 安全特征问题漏洞 | |
| CVE-2018-20800 | Open Ticket Request System 输入验证漏洞 | |
| CVE-2015-2254 | Huawei OceanStor UDS 信息泄露漏洞 | |
| CVE-2019-9750 | IoTivity 输入验证错误漏洞 | |
| CVE-2019-9749 | Fluent Bit 输入验证错误漏洞 | |
| CVE-2019-9747 | tinysvcmdns 输入验证错误漏洞 | |
| CVE-2019-9754 | Tiny C Compiler 安全漏洞 | |
| CVE-2019-9752 | OTRS Open Ticket Request System 跨站脚本漏洞 | |
| CVE-2019-9751 | Open Ticket Request System 跨站脚本漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8261
Squirrel sqobject.cpp Load heap-based overflow - CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo - CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list
V. Comments for CVE-2019-9748
No comments yet