| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-5756 | Hig | 0.57 | 8.8 | 0.03 | Feb 19, 2019 | Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | ||
| CVE-2019-5755 | Hig | 0.53 | 8.1 | 0.02 | Feb 19, 2019 | Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | ||
| CVE-2019-8933 | Hig | 0.57 | 8.8 | 0.03 | Feb 19, 2019 | In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template… | ||
| CVE-2019-8919 | Hig | 0.49 | 7.5 | 0.01 | Feb 18, 2019 | The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks. | ||
| CVE-2019-8912 | Hig | 0.44 | 7.8 | 0.01 | Feb 18, 2019 | In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. | ||
| CVE-2019-8910 | Hig | 0.57 | 8.8 | 0.01 | Feb 18, 2019 | An issue was discovered in WTCMS 1.0. It allows index.php?g=admin&m=setting&a=site_post CSRF. | ||
| CVE-2019-8909 | Hig | 0.49 | 7.5 | 0.02 | Feb 18, 2019 | An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service (resource consumption) via crafted dimensions for the verification code image. | ||
| CVE-2019-8907 | Hig | 0.57 | 8.8 | 0.03 | Feb 18, 2019 | do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact. | ||
| CVE-2019-8904 | Hig | 0.57 | 8.8 | 0.02 | Feb 18, 2019 | do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf. | ||
| CVE-2019-0109 | Hig | 0.51 | 7.8 | 0.00 | Feb 18, 2019 | Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2019-0105 | Hig | 0.51 | 7.8 | 0.00 | Feb 18, 2019 | Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2019-0102 | Hig | 0.57 | 8.8 | 0.01 | Feb 18, 2019 | Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||
| CVE-2019-8903 | Hig | 0.02 | 7.5 | 0.72 | Feb 18, 2019 | index.js in Total.js Platform before 3.2.3 allows path traversal. | ||
| CVE-2019-8372 | Hig | 0.46 | 7.0 | 0.01 | Feb 18, 2019 | The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an… | ||
| CVE-2019-6453 | Hig | 0.61 | 8.1 | 0.72 | Feb 18, 2019 | mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is… | ||
| CVE-2019-8433 | Hig | 0.49 | 7.5 | 0.01 | Feb 18, 2019 | JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file. | ||
| CVE-2019-8422 | Hig | 0.47 | 7.2 | 0.01 | Feb 17, 2019 | A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php. | ||
| CVE-2019-8421 | Hig | 0.47 | 7.2 | 0.01 | Feb 17, 2019 | upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter. | ||
| CVE-2019-8418 | Hig | 0.57 | 8.8 | 0.01 | Feb 17, 2019 | SeaCMS 7.2 mishandles member.php?mod=repsw4 requests. | ||
| CVE-2019-7649 | Hig | 0.49 | 7.5 | 0.01 | Feb 17, 2019 | global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing. | ||
| CVE-2019-8412 | Hig | 0.57 | 8.8 | 0.03 | Feb 17, 2019 | FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal. | ||
| CVE-2019-8411 | Hig | 0.49 | 7.5 | 0.03 | Feb 17, 2019 | admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal. | ||
| CVE-2018-20782 | Hig | 0.04 | 7.5 | 0.10 | Feb 17, 2019 | The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. | ||
| CVE-2019-8392 | Hig | 0.49 | 7.5 | 0.02 | Feb 17, 2019 | An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead. | ||
| CVE-2019-7399 | Hig | 0.48 | 7.4 | 0.01 | Feb 17, 2019 | Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages. | ||
| CVE-2019-8389 | Hig | 0.53 | 8.1 | 0.01 | Feb 17, 2019 | A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a… | ||
| CVE-2019-8383 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly… | ||
| CVE-2019-8382 | Hig | 0.57 | 8.8 | 0.02 | Feb 17, 2019 | An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial… | ||
| CVE-2019-8381 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have… | ||
| CVE-2019-8380 | Hig | 0.57 | 8.8 | 0.02 | Feb 17, 2019 | An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service… | ||
| CVE-2019-8379 | Hig | 0.44 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or… | ||
| CVE-2019-8378 | Hig | 0.57 | 8.8 | 0.02 | Feb 17, 2019 | An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a… | ||
| CVE-2019-8377 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service… | ||
| CVE-2019-8376 | Hig | 0.51 | 7.8 | 0.01 | Feb 17, 2019 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation… | ||
| CVE-2019-8362 | Hig | 0.49 | 7.5 | 0.01 | Feb 16, 2019 | DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg,… | ||
| CVE-2019-8358 | Hig | 0.53 | 8.1 | 0.01 | Feb 16, 2019 | In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled. | ||
| CVE-2015-4617 | Hig | 0.49 | 7.5 | 0.02 | Feb 15, 2019 | Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory. | ||
| CVE-2013-2516 | — | Hig | 0.50 | 8.8 | 0.03 | Feb 15, 2019 | Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell. | |
| CVE-2018-1727 | Hig | 0.46 | 7.1 | 0.02 | Feb 15, 2019 | IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:… | ||
| CVE-2018-1701 | Hig | 0.55 | 8.5 | 0.01 | Feb 15, 2019 | IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970. | ||
| CVE-2019-0267 | Hig | 0.57 | 8.8 | 0.01 | Feb 15, 2019 | SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application. | ||
| CVE-2019-0266 | Hig | 0.49 | 7.5 | 0.02 | Feb 15, 2019 | Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access, the risk of leaking… | ||
| CVE-2019-0258 | Hig | 0.57 | 8.8 | 0.01 | Feb 15, 2019 | SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | ||
| CVE-2019-0257 | Hig | 0.57 | 8.8 | 0.01 | Feb 15, 2019 | Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of… | ||
| CVE-2019-0255 | Hig | 0.53 | 8.1 | 0.02 | Feb 15, 2019 | SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly. That behavior may lead to situation, where business user achieves access to the full SAP Menu, that is 'Easy… | ||
| CVE-2019-8347 | Hig | 0.57 | 8.8 | 0.01 | Feb 15, 2019 | BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI. | ||
| CVE-2019-6974 | Hig | 0.50 | 8.1 | 0.17 | Feb 15, 2019 | In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | ||
| CVE-2019-8343 | Hig | 0.51 | 7.8 | 0.01 | Feb 15, 2019 | In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c. | ||
| CVE-2018-6271 | Hig | 0.51 | 7.8 | 0.01 | Feb 13, 2019 | NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474. | ||
| CVE-2018-6268 | Hig | 0.51 | 7.8 | 0.01 | Feb 13, 2019 | NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161. |
- risk 0.57cvss 8.8epss 0.03
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
- risk 0.53cvss 8.1epss 0.02
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.03
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template…
- risk 0.49cvss 7.5epss 0.01
The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
- risk 0.44cvss 7.8epss 0.01
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in WTCMS 1.0. It allows index.php?g=admin&m=setting&a=site_post CSRF.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service (resource consumption) via crafted dimensions for the verification code image.
- risk 0.57cvss 8.8epss 0.03
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
- risk 0.57cvss 8.8epss 0.02
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
- risk 0.51cvss 7.8epss 0.00
Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
- risk 0.51cvss 7.8epss 0.00
Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access.
- risk 0.57cvss 8.8epss 0.01
Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
- risk 0.02cvss 7.5epss 0.72
index.js in Total.js Platform before 3.2.3 allows path traversal.
- risk 0.46cvss 7.0epss 0.01
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an…
- risk 0.61cvss 8.1epss 0.72
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is…
- risk 0.49cvss 7.5epss 0.01
JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file.
- risk 0.47cvss 7.2epss 0.01
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
- risk 0.47cvss 7.2epss 0.01
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
- risk 0.57cvss 8.8epss 0.01
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.
- risk 0.49cvss 7.5epss 0.01
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.
- risk 0.57cvss 8.8epss 0.03
FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal.
- risk 0.49cvss 7.5epss 0.03
admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.
- risk 0.04cvss 7.5epss 0.10
The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead.
- risk 0.48cvss 7.4epss 0.01
Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages.
- risk 0.53cvss 8.1epss 0.01
A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly…
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have…
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service…
- risk 0.44cvss 7.8epss 0.01
An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or…
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service…
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation…
- risk 0.49cvss 7.5epss 0.01
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg,…
- risk 0.53cvss 8.1epss 0.01
In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.
- risk 0.49cvss 7.5epss 0.02
Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.
- risk 0.50cvss 8.8epss 0.03
Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.
- risk 0.46cvss 7.1epss 0.02
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:…
- risk 0.55cvss 8.5epss 0.01
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.
- risk 0.57cvss 8.8epss 0.01
SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application.
- risk 0.49cvss 7.5epss 0.02
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access, the risk of leaking…
- risk 0.57cvss 8.8epss 0.01
SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
- risk 0.57cvss 8.8epss 0.01
Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of…
- risk 0.53cvss 8.1epss 0.02
SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly. That behavior may lead to situation, where business user achieves access to the full SAP Menu, that is 'Easy…
- risk 0.57cvss 8.8epss 0.01
BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI.
- risk 0.50cvss 8.1epss 0.17
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
- risk 0.51cvss 7.8epss 0.01
In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.
- risk 0.51cvss 7.8epss 0.01
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474.
- risk 0.51cvss 7.8epss 0.01
NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.