All CVEs — 2019 (Page 123/123)

Browse all CVEs by publication year. Use filters to refine.

CVSS ≥ 0.0

2019-01-08

High

CVE-2019-0550

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote…

CVSS: 8.4 CWE: CWE-20

Critical

CVE-2019-0547

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka "Windows DHCP Client Remote Code Execution Vulnerability."…

CVSS: 9.8 CWE: CWE-787

High

CVE-2019-0545

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure V…

CVSS: 7.5 CWE: CWE-200

High

CVE-2019-0543

An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows S…

CVSS: 7.8 CWE: CWE-287

High

CVE-2019-0541

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Micr…

CVSS: 8.8 CWE: CWE-77

High

CVE-2019-0539

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." Th…

CVSS: 7.5 CWE: CWE-787

Critical

CVE-2019-0247

SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.

CVSS: 9.8 CWE: CWE-94

Critical

CVE-2019-0246

SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity.

CVSS: 9.8 CWE: CWE-306

Medium

CVE-2019-0245

SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulne…

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2019-0244

CVSS: 5.4 CWE: CWE-79

High

CVE-2019-0243

Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalati…

CVSS: 8.8 CWE: CWE-862

Medium

CVE-2019-0238

SAP Commerce (previously known as SAP Hybris Commerce), before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-2484

SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does n…

CVSS: 8.8 CWE: CWE-862

Medium

CVE-2018-1993

IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 where the use of Local Read Only Cache (LROC) is enabled may caused read operation on a file to return data from a different fil…

CVSS: 4.0 CWE: CWE-200

Medium

CVE-2018-1932

IBM API Connect 5.0.0.0 through 5.0.8.4 is affected by a vulnerability in the role-based access control in the management server that could allow an authenticated user to obtain highly sensitive info…

CVSS: 4.9 CWE: CWE-200

Medium

CVE-2018-1918

IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering t…

CVSS: 5.4 CWE: CWE-79

Critical

CVE-2019-5720

includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via…

CVSS: 9.8 CWE: CWE-89

2019-01-07

Medium

CVE-2015-9275

ARC 5.21q allows directory traversal via a full pathname in an archive file.

CVSS: 5.3 CWE: CWE-22

Medium

CVE-2019-5489

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allow…

CVSS: 5.5 CWE: CWE-319

High

CVE-2019-5488

EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information…

CVSS: 7.5 CWE: CWE-89

High

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine…

CVSS: 7.5 CWE: CWE-295

Medium

CVE-2018-11798

The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside th…

CVSS: 6.5 CWE: CWE-538

Critical

CVE-2018-11788

Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. A…

CVSS: 9.8 CWE: CWE-611

High

CVE-2018-5481

OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MI…

CVSS: 7.4 CWE: CWE-311

High

CVE-2018-5410

Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbit…

CVSS: 7.8 CWE: CWE-121

2019-01-04

Medium

CVE-2018-20673

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argumen…

CVSS: 5.5 CWE: CWE-190

Critical

CVE-2019-5312

An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for C…

CVSS: 9.8 CWE: CWE-611

Medium

CVE-2018-20671

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

CVSS: 5.5 CWE: CWE-190

Medium

CVE-2019-5311

An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-1951

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functi…

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2018-1888

An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, rela…

CVSS: 5.3 CWE: CWE-426

Medium

CVE-2018-1657

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2019-5310

YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST request.

CVSS: 6.1 CWE: CWE-79

High

CVE-2019-5009

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into th…

CVSS: 7.2 CWE: CWE-434

2019-01-03

High

CVE-2019-5007

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data dur…

CVSS: 7.1 CWE: CWE-125

Medium

CVE-2019-5006

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing.

CVSS: 5.5 CWE: CWE-476

Medium

CVE-2019-5005

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the alloca…

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2018-8827

The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2761005-20161004084353 displays unsanitised user input, which allows an unauthenticated malicious us…

CVSS: 6.1 CWE: CWE-79

Critical

CVE-2018-4012

An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading…

CVSS: 9.0 CWE: CWE-119

Medium

CVE-2018-3986

An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0. The "Secret Chats" functionality allows a u…

CVSS: 5.5 CWE: CWE-200

High

CVE-2018-19249

The Stripe API v1 allows remote attackers to bypass intended access restrictions by replaying api.stripe.com /v1/tokens XMLHttpRequest data, parsing the response under the object card{}, and reading…

CVSS: 7.5 CWE: CWE-287

Medium

CVE-2018-18997

Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into a…

CVSS: 6.1 CWE: CWE-79

Critical

CVE-2018-18995

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effe…

CVSS: 9.8 CWE: CWE-306

Critical

CVE-2018-19601

Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.

CVSS: 9.1 CWE: CWE-918

Medium

CVE-2018-19600

Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.

CVSS: 4.8 CWE: CWE-79

Medium

CVE-2018-18244

Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-18005

Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-18004

Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parame…

CVSS: 5.3 CWE: CWE-862

Critical

CVE-2019-3905

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVSS: 10.0 CWE: CWE-918

High

CVE-2019-3575

Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load.

CVSS: 7.8 CWE: CWE-94

Critical

CVE-2018-20664

Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license.

CVSS: 9.8 CWE: CWE-611

Medium

CVE-2018-20663

The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports > Reports" name field.

CVSS: 5.4 CWE: CWE-79

Critical

CVE-2018-20512

EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies.

CVSS: 9.8 CWE: CWE-565

High

CVE-2018-19998

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter.

CVSS: 8.8 CWE: CWE-89

Medium

CVE-2018-19995

A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to use…

CVSS: 5.4 CWE: CWE-79

High

CVE-2018-19994

An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter.

CVSS: 8.8 CWE: CWE-89

Medium

CVE-2018-19993

A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-19992

CVSS: 5.4 CWE: CWE-79

Critical

CVE-2018-19862

Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued.

CVSS: 9.8 CWE: CWE-119

Critical

CVE-2018-19861

Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued.

CVSS: 9.8 CWE: CWE-119

Medium

CVE-2018-19523

DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size. If the size of the buffer is less than 512 bytes, then the…

CVSS: 5.5 CWE: CWE-119

Medium

CVE-2018-19505

Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user, because use…

CVSS: 6.5 CWE: CWE-287

Critical

CVE-2018-19415

Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to join_group.php or (2) comment_id parameter to story.php.

CVSS: 9.8 CWE: CWE-89

Medium

CVE-2018-19414

Multiple cross-site scripting (XSS) vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to groups.php; (2) username paramet…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-14481

Osclass 3.7.4 has XSS via the query string to index.php, a different vulnerability than CVE-2014-6280.

CVSS: 6.1 CWE: CWE-79

Critical

CVE-2018-17161

In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious att…

CVSS: 9.8 CWE: CWE-119

Medium

CVE-2019-3701

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dl…

CVSS: 4.4 CWE: CWE-787

Medium

CVE-2018-16885

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundar…

CVSS: 4.7 CWE: CWE-125

High

CVE-2018-16882

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error…

CVSS: 8.8 CWE: CWE-416

Medium

CVE-2018-16870

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.

CVSS: 5.9 CWE: CWE-200

Medium

CVE-2018-16876

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.

CVSS: 5.3 CWE: CWE-200

High

CVE-2017-18329

Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU,…

CVSS: 7.8 CWE: CWE-119

High

CVE-2017-18328

Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 42…

CVSS: 7.8 CWE: CWE-416

Medium

CVE-2017-18326

Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/S…

CVSS: 5.5 CWE: CWE-200

Medium

CVE-2017-18324

Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD…

CVSS: 5.5 CWE: CWE-200

Medium

CVE-2017-18322

Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM890…

CVSS: 5.5 CWE: CWE-200

Medium

CVE-2017-18321

Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660.

CVSS: 5.5 CWE: CWE-200

High

CVE-2017-18320

QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 4…

CVSS: 7.8 CWE: CWE-20

Critical

CVE-2018-16879

Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data…

CVSS: 9.8 CWE: CWE-311

Medium

CVE-2018-20662

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by craft…

CVSS: 6.5 CWE: CWE-20

Critical

CVE-2018-17172

The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthentic…

CVSS: 9.8 CWE: CWE-77

High

CVE-2019-3580

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file.

CVSS: 7.5 CWE: CWE-22

High

CVE-2018-20131

The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permissive permissions on the /usr/local/crashplan/log directory. This allows a user to manipulate symboli…

CVSS: 7.8 CWE: CWE-732

High

CVE-2018-18264

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.

CVSS: 7.5 CWE: CWE-306

2019-01-02

Medium

CVE-2018-20326

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter.

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-20211

ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this…

CVSS: 7.8 CWE: CWE-427

High

CVE-2018-20166

A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP…

CVSS: 8.8 CWE: CWE-434

Critical

CVE-2018-20114

On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the…

CVSS: 9.8 CWE: CWE-78

Critical

CVE-2018-20100

An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data…

CVSS: 9.8 CWE: CWE-311

Medium

CVE-2018-19478

In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.

CVSS: 5.5 CWE: CWE-20

Medium

CVE-2018-19371

The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.

CVSS: 6.5 CWE: CWE-611

Critical

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.

CVSS: 9.8 CWE: CWE-502

Critical

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.

CVSS: 9.8 CWE: CWE-502

Critical

CVE-2018-19360

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.

CVSS: 9.8 CWE: CWE-502

High

CVE-2018-15490

An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe process (which runs as a service with SYSTEM privileges) listens on TCP port 2015, which is used as an RPC interface for communication…

CVSS: 7.1 CWE: CWE-22

Critical

CVE-2018-14721

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic de…

CVSS: 10.0 CWE: CWE-918

Critical

CVE-2018-14720

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.

CVSS: 9.8 CWE: CWE-502

Critical

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deseriali…

CVSS: 9.8 CWE: CWE-502

Critical

CVE-2018-14718

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.

CVSS: 9.8 CWE: CWE-502

Critical

CVE-2018-13045

SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.

CVSS: 9.8 CWE: CWE-89

Critical

CVE-2019-3577

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id[0] parameter to the /product URI.

CVSS: 9.8 CWE: CWE-89

Critical

CVE-2019-3576

inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO. The vulnerable code location is com.inxedu.os.edu.controller.us…

CVSS: 9.8 CWE: CWE-89

Medium

CVE-2018-20659

An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core…

CVSS: 6.5 CWE: CWE-770

Medium

CVE-2018-7900

There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability.

CVSS: 6.5 CWE: CWE-200

High

CVE-2019-3574

In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.

CVSS: 7.8 CWE: CWE-125

Medium

CVE-2019-3573

In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png.

CVSS: 5.5 CWE: CWE-835

Medium

CVE-2019-3572

An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line program. Because this is associated wi…

CVSS: 6.5 CWE: CWE-125

High

CVE-2018-20658

The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.

CVSS: 7.5 CWE: CWE-20

High

CVE-2018-5197

A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. The vulnerability is due to insuf…

CVSS: 7.8 CWE: CWE-20

High

CVE-2018-20657

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as…

CVSS: 7.5 CWE: CWE-772

Medium

CVE-2019-3501

The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted award reason that is mishandled on the awards page or in a user profile.

CVSS: 4.8 CWE: CWE-79

High

CVE-2019-3500

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

CVSS: 7.8 CWE: CWE-532

2019-01-01

Medium

CVE-2018-20652

An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-…

CVSS: 6.5 CWE: CWE-770

Medium

CVE-2018-20651

A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for…

CVSS: 5.5 CWE: CWE-476

Medium

CVE-2018-20650

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec clas…

CVSS: 6.5 CWE: CWE-20

High

CVE-2019-3494

Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter.

CVSS: 7.5 CWE: CWE-89