| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-18951 | Hig | 0.53 | 7.5 | 0.20 | Nov 13, 2019 | SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files. | ||
| CVE-2019-0396 | Hig | 0.46 | 7.1 | 0.01 | Nov 13, 2019 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will… | ||
| CVE-2010-5108 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2019 | Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions. | ||
| CVE-2019-0389 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2019 | An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise. | ||
| CVE-2013-3366 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2019 | Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. | ||
| CVE-2010-4664 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2019 | In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session. | ||
| CVE-2014-1214 | Hig | 0.61 | 8.8 | 0.04 | Nov 13, 2019 | views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter. | ||
| CVE-2011-4972 | Hig | 0.49 | 7.5 | 0.02 | Nov 13, 2019 | hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request. | ||
| CVE-2010-4661 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. | ||
| CVE-2010-4657 | Hig | 0.49 | 7.5 | 0.02 | Nov 13, 2019 | PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output. | ||
| CVE-2019-2210 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2019-18884 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2019 | index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for adding authorized users. | ||
| CVE-2019-18844 | Hig | 0.42 | 7.5 | 0.02 | Nov 13, 2019 | The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of… | ||
| CVE-2019-18837 | Hig | 0.49 | 8.6 | 0.01 | Nov 13, 2019 | An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c. | ||
| CVE-2010-4654 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2019 | poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | ||
| CVE-2019-2214 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2019-2213 | Hig | 0.48 | 7.4 | 0.00 | Nov 13, 2019 | In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2019-2211 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2019 | In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1… | ||
| CVE-2019-2208 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2019 | In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is… | ||
| CVE-2019-2207 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2019-2206 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2019 | In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2019-2203 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2019-2202 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2019-2201 | Hig | 0.51 | 7.8 | 0.02 | Nov 13, 2019 | In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for… | ||
| CVE-2019-2195 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2019-2193 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges… | ||
| CVE-2019-2192 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2019-18279 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2019 | In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed… | ||
| CVE-2019-5294 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2019 | There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be… | ||
| CVE-2019-5289 | Hig | 0.49 | 7.5 | 0.01 | Nov 13, 2019 | Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit… | ||
| CVE-2019-18931 | Hig | 0.57 | 8.8 | 0.02 | Nov 13, 2019 | Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters. | ||
| CVE-2019-18930 | Hig | 0.57 | 8.8 | 0.03 | Nov 13, 2019 | Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest account) to remotely execute arbitrary code via a stack-based buffer overflow. There is no size verification logic in one of functions in libscheddl.so, and download_mgr.cgi makes it possible… | ||
| CVE-2019-18929 | Hig | 0.57 | 8.8 | 0.03 | Nov 13, 2019 | Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow. | ||
| CVE-2019-15948 | Hig | 0.57 | 8.8 | 0.03 | Nov 13, 2019 | Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code.… | ||
| CVE-2013-4655 | Hig | 0.49 | 7.5 | 0.02 | Nov 13, 2019 | Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | ||
| CVE-2019-5288 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2019 | P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs… | ||
| CVE-2019-5287 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2019 | P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs… | ||
| CVE-2019-5282 | Hig | 0.51 | 7.8 | 0.01 | Nov 13, 2019 | Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11),… | ||
| CVE-2019-18397 | Hig | 0.44 | 7.8 | 0.02 | Nov 13, 2019 | A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then… | ||
| CVE-2019-5233 | Hig | 0.57 | 8.8 | 0.01 | Nov 13, 2019 | Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components. | ||
| CVE-2019-5228 | Hig | 0.51 | 7.8 | 0.01 | Nov 12, 2019 | Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition… | ||
| CVE-2017-17224 | Hig | 0.57 | 8.8 | 0.00 | Nov 12, 2019 | Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the… | ||
| CVE-2010-3844 | Hig | 0.50 | 8.8 | 0.01 | Nov 12, 2019 | An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack. | ||
| CVE-2010-3305 | Hig | 0.57 | 8.8 | 0.01 | Nov 12, 2019 | Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password. | ||
| CVE-2019-14367 | Hig | 0.49 | 7.5 | 0.01 | Nov 12, 2019 | Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). | ||
| CVE-2019-14366 | Hig | 0.49 | 7.5 | 0.02 | Nov 12, 2019 | WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). | ||
| CVE-2019-14365 | Hig | 0.49 | 7.5 | 0.02 | Nov 12, 2019 | The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.). | ||
| CVE-2011-2335 | Hig | 0.49 | 7.5 | 0.01 | Nov 12, 2019 | A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function. | ||
| CVE-2010-2488 | Hig | 0.49 | 7.5 | 0.02 | Nov 12, 2019 | NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections. | ||
| CVE-2019-1457 | Hig | 0.51 | 7.8 | 0.03 | Nov 12, 2019 | A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'. |
- risk 0.53cvss 7.5epss 0.20
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
- risk 0.46cvss 7.1epss 0.01
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will…
- risk 0.49cvss 7.5epss 0.01
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.
- risk 0.57cvss 8.8epss 0.01
An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
- risk 0.57cvss 8.8epss 0.01
Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.
- risk 0.57cvss 8.8epss 0.01
In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.
- risk 0.61cvss 8.8epss 0.04
views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.
- risk 0.49cvss 7.5epss 0.02
hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request.
- risk 0.51cvss 7.8epss 0.00
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
- risk 0.49cvss 7.5epss 0.02
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
- risk 0.51cvss 7.8epss 0.00
In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.57cvss 8.8epss 0.01
index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for adding authorized users.
- risk 0.42cvss 7.5epss 0.02
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h (instead of other mechanisms for propagating error information or diagnostic information), which might allow attackers to cause a denial of…
- risk 0.49cvss 8.6epss 0.01
An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.
- risk 0.51cvss 7.8epss 0.01
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.
- risk 0.51cvss 7.8epss 0.00
In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.48cvss 7.4epss 0.00
In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.49cvss 7.5epss 0.01
In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1…
- risk 0.49cvss 7.5epss 0.01
In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is…
- risk 0.51cvss 7.8epss 0.00
In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.57cvss 8.8epss 0.01
In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
- risk 0.51cvss 7.8epss 0.00
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.51cvss 7.8epss 0.00
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.51cvss 7.8epss 0.02
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for…
- risk 0.51cvss 7.8epss 0.00
In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…
- risk 0.51cvss 7.8epss 0.00
In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges…
- risk 0.51cvss 7.8epss 0.00
In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.57cvss 8.8epss 0.01
In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed…
- risk 0.49cvss 7.5epss 0.01
There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be…
- risk 0.49cvss 7.5epss 0.01
Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit…
- risk 0.57cvss 8.8epss 0.02
Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters.
- risk 0.57cvss 8.8epss 0.03
Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest account) to remotely execute arbitrary code via a stack-based buffer overflow. There is no size verification logic in one of functions in libscheddl.so, and download_mgr.cgi makes it possible…
- risk 0.57cvss 8.8epss 0.03
Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow.
- risk 0.57cvss 8.8epss 0.03
Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code.…
- risk 0.49cvss 7.5epss 0.02
Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service.
- risk 0.51cvss 7.8epss 0.01
P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs…
- risk 0.51cvss 7.8epss 0.01
P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs…
- risk 0.51cvss 7.8epss 0.01
Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11),…
- risk 0.44cvss 7.8epss 0.02
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then…
- risk 0.57cvss 8.8epss 0.01
Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components.
- risk 0.51cvss 7.8epss 0.01
Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition…
- risk 0.57cvss 8.8epss 0.00
Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206(C00E205R3P1) have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the…
- risk 0.50cvss 8.8epss 0.01
An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password.
- risk 0.49cvss 7.5epss 0.01
Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).
- risk 0.49cvss 7.5epss 0.02
WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).
- risk 0.49cvss 7.5epss 0.02
The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.).
- risk 0.49cvss 7.5epss 0.01
A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.
- risk 0.49cvss 7.5epss 0.02
NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.
- risk 0.51cvss 7.8epss 0.03
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'.