| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-18277 | Hig | 0.43 | 7.5 | 0.10 | Oct 23, 2019 | A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct… | ||
| CVE-2019-18220 | Hig | 0.57 | 8.8 | 0.01 | Oct 23, 2019 | Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery (CSRF) issue as it doesn't implement any method to validate incoming requests, allowing the execution of critical functionalities via spoofed requests. This behavior could be abused by a remote unauthenticated… | ||
| CVE-2019-10476 | Hig | 0.44 | 7.8 | 0.00 | Oct 23, 2019 | Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | ||
| CVE-2019-10471 | Hig | 0.50 | 8.8 | 0.01 | Oct 23, 2019 | A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||
| CVE-2019-10468 | Hig | 0.57 | 8.8 | 0.01 | Oct 23, 2019 | A cross-site request forgery vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||
| CVE-2019-10466 | Hig | 0.53 | 8.1 | 0.01 | Oct 23, 2019 | An XML external entities (XXE) vulnerability in Jenkins 360 FireLine Plugin allows attackers with Overall/Read access to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service… | ||
| CVE-2019-10464 | Hig | 0.57 | 8.8 | 0.01 | Oct 23, 2019 | A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file… | ||
| CVE-2019-10462 | Hig | 0.46 | 8.1 | 0.01 | Oct 23, 2019 | A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials. | ||
| CVE-2019-10461 | Hig | 0.51 | 7.8 | 0.00 | Oct 23, 2019 | Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | ||
| CVE-2019-10460 | Hig | 0.44 | 7.8 | 0.00 | Oct 23, 2019 | Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | ||
| CVE-2015-9498 | Hig | 0.57 | 8.8 | 0.01 | Oct 22, 2019 | The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value. | ||
| CVE-2015-9497 | Hig | 0.57 | 8.8 | 0.01 | Oct 22, 2019 | The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php. | ||
| CVE-2015-9496 | Hig | 0.57 | 8.8 | 0.02 | Oct 22, 2019 | The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring. | ||
| CVE-2019-12290 | Hig | 0.49 | 7.5 | 0.03 | Oct 22, 2019 | GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain… | ||
| CVE-2019-10079 | Hig | 0.42 | 7.5 | 0.05 | Oct 22, 2019 | Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn't limit the number of setting frames sent from the client using the HTTP/2 protocol. Users should upgrade to Apache Traffic Server 7.1.7, 8.0.4, or later versions. | ||
| CVE-2019-4523 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2019 | IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481. | ||
| CVE-2019-17424 | Hig | 0.55 | 7.8 | 0.13 | Oct 22, 2019 | A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file. | ||
| CVE-2019-17400 | — | Hig | 0.42 | 7.5 | 0.02 | Oct 21, 2019 | The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. | |
| CVE-2019-16404 | Hig | 0.57 | 8.8 | 0.01 | Oct 21, 2019 | Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter. | ||
| CVE-2019-17498 | Hig | 0.46 | 8.1 | 0.04 | Oct 21, 2019 | In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive… | ||
| CVE-2019-9491 | Hig | 0.55 | 7.8 | 0.13 | Oct 21, 2019 | Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | ||
| CVE-2019-16965 | Hig | 0.40 | 7.2 | 0.03 | Oct 21, 2019 | resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data. | ||
| CVE-2019-16964 | Hig | 0.00 | 8.8 | 0.02 | Oct 21, 2019 | app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit)… | ||
| CVE-2019-16980 | Hig | 0.50 | 8.8 | 0.01 | Oct 21, 2019 | In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection. | ||
| CVE-2019-16530 | — | Hig | 0.47 | 7.2 | 0.03 | Oct 21, 2019 | Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution. | |
| CVE-2019-18218 | Hig | 0.44 | 7.8 | 0.02 | Oct 21, 2019 | cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). | ||
| CVE-2019-18217 | Hig | 0.50 | 7.5 | 0.20 | Oct 21, 2019 | ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop. | ||
| CVE-2019-10716 | Hig | 0.53 | 7.7 | 0.04 | Oct 21, 2019 | An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request. | ||
| CVE-2019-18214 | Hig | 0.50 | 7.7 | 0.01 | Oct 19, 2019 | The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The workload is not queued for serial execution.) | ||
| CVE-2019-18198 | Hig | 0.44 | 7.8 | 0.00 | Oct 18, 2019 | In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753. | ||
| CVE-2019-18197 | — | Hig | 0.42 | 7.5 | 0.04 | Oct 18, 2019 | In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized… | |
| CVE-2019-13545 | Hig | 0.51 | 7.8 | 0.02 | Oct 18, 2019 | In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution. | ||
| CVE-2019-13541 | Hig | 0.51 | 7.8 | 0.02 | Oct 18, 2019 | In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processing files lacking user input validation. This may allow an attacker to access information and remotely execute arbitrary code. | ||
| CVE-2019-17367 | Hig | 0.50 | 8.8 | 0.01 | Oct 18, 2019 | OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/. | ||
| CVE-2019-15901 | Hig | 0.00 | 8.8 | 0.03 | Oct 18, 2019 | An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. A setusercontext(3) call with flags to change the UID, primary GID, and secondary GIDs was replaced (on certain platforms: Linux and possibly NetBSD) with a single setuid(2) call. This… | ||
| CVE-2019-16919 | Hig | 0.42 | 7.5 | 0.02 | Oct 18, 2019 | Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did not… | ||
| CVE-2019-17513 | — | Hig | 0.42 | 7.5 | 0.02 | Oct 18, 2019 | An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can… | |
| CVE-2019-8226 | Hig | 0.49 | 7.5 | 0.03 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an incomplete implementation of security mechanism vulnerability. Successful exploitation could… | ||
| CVE-2019-8225 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8224 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8223 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8222 | Hig | 0.49 | 7.5 | 0.03 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information… | ||
| CVE-2019-8219 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8218 | Hig | 0.49 | 7.5 | 0.03 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information… | ||
| CVE-2019-8217 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8216 | Hig | 0.49 | 7.5 | 0.03 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information… | ||
| CVE-2019-8210 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8209 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8208 | Hig | 0.57 | 8.8 | 0.04 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution… | ||
| CVE-2019-8207 | Hig | 0.49 | 7.5 | 0.03 | Oct 17, 2019 | Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information… |
- risk 0.43cvss 7.5epss 0.10
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct…
- risk 0.57cvss 8.8epss 0.01
Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery (CSRF) issue as it doesn't implement any method to validate incoming requests, allowing the execution of critical functionalities via spoofed requests. This behavior could be abused by a remote unauthenticated…
- risk 0.44cvss 7.8epss 0.00
Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
- risk 0.50cvss 8.8epss 0.01
A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
- risk 0.57cvss 8.8epss 0.01
A cross-site request forgery vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
- risk 0.53cvss 8.1epss 0.01
An XML external entities (XXE) vulnerability in Jenkins 360 FireLine Plugin allows attackers with Overall/Read access to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service…
- risk 0.57cvss 8.8epss 0.01
A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file…
- risk 0.46cvss 8.1epss 0.01
A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials.
- risk 0.51cvss 7.8epss 0.00
Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
- risk 0.44cvss 7.8epss 0.00
Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
- risk 0.57cvss 8.8epss 0.01
The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value.
- risk 0.57cvss 8.8epss 0.01
The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php.
- risk 0.57cvss 8.8epss 0.02
The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring.
- risk 0.49cvss 7.5epss 0.03
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain…
- risk 0.42cvss 7.5epss 0.05
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn't limit the number of setting frames sent from the client using the HTTP/2 protocol. Users should upgrade to Apache Traffic Server 7.1.7, 8.0.4, or later versions.
- risk 0.51cvss 7.8epss 0.00
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481.
- risk 0.55cvss 7.8epss 0.13
A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.
- risk 0.42cvss 7.5epss 0.02
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
- risk 0.57cvss 8.8epss 0.01
Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter.
- risk 0.46cvss 8.1epss 0.04
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive…
- risk 0.55cvss 7.8epss 0.13
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed.
- risk 0.40cvss 7.2epss 0.03
resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.
- risk 0.00cvss 8.8epss 0.02
app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit)…
- risk 0.50cvss 8.8epss 0.01
In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection.
- risk 0.47cvss 7.2epss 0.03
Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.
- risk 0.44cvss 7.8epss 0.02
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
- risk 0.50cvss 7.5epss 0.20
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
- risk 0.53cvss 7.7epss 0.04
An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request.
- risk 0.50cvss 7.7epss 0.01
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The workload is not queued for serial execution.)
- risk 0.44cvss 7.8epss 0.00
In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753.
- risk 0.42cvss 7.5epss 0.04
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized…
- risk 0.51cvss 7.8epss 0.02
In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution.
- risk 0.51cvss 7.8epss 0.02
In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processing files lacking user input validation. This may allow an attacker to access information and remotely execute arbitrary code.
- risk 0.50cvss 8.8epss 0.01
OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/.
- risk 0.00cvss 8.8epss 0.03
An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. A setusercontext(3) call with flags to change the UID, primary GID, and secondary GIDs was replaced (on certain platforms: Linux and possibly NetBSD) with a single setuid(2) call. This…
- risk 0.42cvss 7.5epss 0.02
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did not…
- risk 0.42cvss 7.5epss 0.02
An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can…
- risk 0.49cvss 7.5epss 0.03
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an incomplete implementation of security mechanism vulnerability. Successful exploitation could…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.49cvss 7.5epss 0.03
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.49cvss 7.5epss 0.03
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.49cvss 7.5epss 0.03
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.57cvss 8.8epss 0.04
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution…
- risk 0.49cvss 7.5epss 0.03
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information…