| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-7722 | Hig | 0.53 | 8.1 | 0.01 | Feb 11, 2019 | PMD 5.8.1 and earlier processes XML external entities in ruleset files it parses as part of the analysis process, allowing attackers tampering it (either by direct modification or MITM attacks when using remote rulesets) to perform information disclosure, denial of service, or… | ||
| CVE-2019-6975 | Hig | 0.42 | 7.5 | 0.05 | Feb 11, 2019 | Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. | ||
| CVE-2019-7721 | Hig | 0.49 | 7.5 | 0.01 | Feb 11, 2019 | lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters. | ||
| CVE-2019-7718 | Hig | 0.53 | 8.1 | 0.01 | Feb 11, 2019 | An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogetsql&tables=<?php and admin/databack/bakup_tables.php?2=file_put_contents URIs… | ||
| CVE-2018-20780 | Hig | 0.57 | 8.8 | 0.01 | Feb 11, 2019 | Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1). | ||
| CVE-2018-20776 | Hig | 0.49 | 7.5 | 0.02 | Feb 11, 2019 | Frog CMS 0.9.5 provides a directory listing for a /public request. | ||
| CVE-2018-20775 | Hig | 0.47 | 7.2 | 0.02 | Feb 11, 2019 | admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI. | ||
| CVE-2018-20773 | Hig | 0.47 | 7.2 | 0.02 | Feb 11, 2019 | Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines. | ||
| CVE-2018-20772 | Hig | 0.47 | 7.2 | 0.02 | Feb 11, 2019 | Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI. | ||
| CVE-2018-20769 | Hig | 0.49 | 7.5 | 0.01 | Feb 10, 2019 | An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability. | ||
| CVE-2018-20767 | Hig | 0.57 | 8.8 | 0.02 | Feb 10, 2019 | An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution. | ||
| CVE-2019-7676 | Hig | 0.47 | 7.2 | 0.02 | Feb 9, 2019 | A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account. | ||
| CVE-2019-7675 | Hig | 0.49 | 7.5 | 0.01 | Feb 9, 2019 | An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI. | ||
| CVE-2019-7673 | Hig | 0.49 | 7.5 | 0.01 | Feb 9, 2019 | An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format. | ||
| CVE-2019-7659 | Hig | 0.53 | 8.1 | 0.02 | Feb 9, 2019 | Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and… | ||
| CVE-2019-7651 | Hig | 0.49 | 7.5 | 0.05 | Feb 8, 2019 | EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended… | ||
| CVE-2019-7648 | Hig | 0.49 | 7.5 | 0.01 | Feb 8, 2019 | controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage. | ||
| CVE-2018-18364 | Hig | 0.48 | 7.3 | 0.01 | Feb 8, 2019 | Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file… | ||
| CVE-2019-7639 | Hig | 0.53 | 8.1 | 0.01 | Feb 8, 2019 | An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file. | ||
| CVE-2019-7638 | Hig | 0.57 | 8.8 | 0.03 | Feb 8, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. | ||
| CVE-2019-7637 | Hig | 0.57 | 8.8 | 0.03 | Feb 8, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c. | ||
| CVE-2019-7636 | Hig | 0.53 | 8.1 | 0.03 | Feb 8, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c. | ||
| CVE-2019-7635 | Hig | 0.53 | 8.1 | 0.03 | Feb 8, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. | ||
| CVE-2019-7632 | Hig | 0.58 | 8.8 | 0.06 | Feb 8, 2019 | LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for… | ||
| CVE-2019-6242 | Hig | 0.47 | 7.2 | 0.01 | Feb 8, 2019 | Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vulnerability. The vendor plans to fix it at a future time | ||
| CVE-2018-1340 | Hig | 0.49 | 7.5 | 0.02 | Feb 7, 2019 | Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the… | ||
| CVE-2018-1296 | — | Hig | 0.49 | 7.5 | 0.03 | Feb 7, 2019 | In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent. | |
| CVE-2019-1675 | Hig | 0.49 | 7.5 | 0.03 | Feb 7, 2019 | A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the… | ||
| CVE-2019-3704 | Hig | 0.51 | 7.8 | 0.01 | Feb 7, 2019 | VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudores, a local authenticated malicious user could potentially execute arbitrary OS commands as root by… | ||
| CVE-2019-7582 | Hig | 0.57 | 8.8 | 0.02 | Feb 7, 2019 | The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure. | ||
| CVE-2019-7581 | Hig | 0.57 | 8.8 | 0.02 | Feb 7, 2019 | The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876. | ||
| CVE-2019-7580 | Hig | 0.58 | 8.8 | 0.10 | Feb 7, 2019 | ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection. | ||
| CVE-2019-7578 | Hig | 0.53 | 8.1 | 0.03 | Feb 7, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c. | ||
| CVE-2019-7577 | Hig | 0.57 | 8.8 | 0.03 | Feb 7, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c. | ||
| CVE-2019-7576 | Hig | 0.57 | 8.8 | 0.03 | Feb 7, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). | ||
| CVE-2019-7575 | Hig | 0.57 | 8.8 | 0.03 | Feb 7, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c. | ||
| CVE-2019-7574 | Hig | 0.57 | 8.8 | 0.03 | Feb 7, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. | ||
| CVE-2019-7573 | Hig | 0.57 | 8.8 | 0.03 | Feb 7, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop). | ||
| CVE-2019-7572 | Hig | 0.57 | 8.8 | 0.03 | Feb 7, 2019 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. | ||
| CVE-2019-7569 | Hig | 0.57 | 8.8 | 0.01 | Feb 7, 2019 | An issue was discovered in DOYO (aka doyocms) 2.3(20140425 update). There is a CSRF vulnerability that can add a super administrator account via admin.php?c=a_adminuser&a=add&run=1. | ||
| CVE-2019-7566 | Hig | 0.57 | 8.8 | 0.01 | Feb 7, 2019 | CSZ CMS 1.1.8 has CSRF via admin/users/new/add. | ||
| CVE-2018-7817 | Hig | 0.51 | 7.8 | 0.03 | Feb 6, 2019 | A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 and prior versions which could cause remote code execution when opening a specially crafted Zelio Soft project file. | ||
| CVE-2018-7815 | Hig | 0.51 | 7.8 | 0.01 | Feb 6, 2019 | A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file | ||
| CVE-2018-7814 | Hig | 0.51 | 7.8 | 0.01 | Feb 6, 2019 | A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file | ||
| CVE-2018-7813 | Hig | 0.51 | 7.8 | 0.01 | Feb 6, 2019 | A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file | ||
| CVE-2018-20763 | Hig | 0.00 | 7.8 | 0.01 | Feb 6, 2019 | In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking. | ||
| CVE-2018-20762 | Hig | 0.00 | 7.8 | 0.01 | Feb 6, 2019 | GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames. | ||
| CVE-2018-20761 | Hig | 0.00 | 7.8 | 0.01 | Feb 6, 2019 | GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a. | ||
| CVE-2018-20760 | Hig | 0.00 | 7.8 | 0.01 | Feb 6, 2019 | In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled. | ||
| CVE-2019-7548 | Hig | 0.51 | 7.8 | 0.02 | Feb 6, 2019 | SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. |
- risk 0.53cvss 8.1epss 0.01
PMD 5.8.1 and earlier processes XML external entities in ruleset files it parses as part of the analysis process, allowing attackers tampering it (either by direct modification or MITM attacks when using remote rulesets) to perform information disclosure, denial of service, or…
- risk 0.42cvss 7.5epss 0.05
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
- risk 0.49cvss 7.5epss 0.01
lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters.
- risk 0.53cvss 8.1epss 0.01
An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogetsql&tables=<?php and admin/databack/bakup_tables.php?2=file_put_contents URIs…
- risk 0.57cvss 8.8epss 0.01
Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1).
- risk 0.49cvss 7.5epss 0.02
Frog CMS 0.9.5 provides a directory listing for a /public request.
- risk 0.47cvss 7.2epss 0.02
admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI.
- risk 0.47cvss 7.2epss 0.02
Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines.
- risk 0.47cvss 7.2epss 0.02
Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.
- risk 0.47cvss 7.2epss 0.02
A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format.
- risk 0.53cvss 8.1epss 0.02
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and…
- risk 0.49cvss 7.5epss 0.05
EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended…
- risk 0.49cvss 7.5epss 0.01
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage.
- risk 0.48cvss 7.3epss 0.01
Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file…
- risk 0.53cvss 8.1epss 0.01
An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
- risk 0.53cvss 8.1epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
- risk 0.53cvss 8.1epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
- risk 0.58cvss 8.8epss 0.06
LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for…
- risk 0.47cvss 7.2epss 0.01
Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vulnerability. The vendor plans to fix it at a future time
- risk 0.49cvss 7.5epss 0.02
Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the…
- risk 0.49cvss 7.5epss 0.03
In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent.
- risk 0.49cvss 7.5epss 0.03
A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the…
- risk 0.51cvss 7.8epss 0.01
VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudores, a local authenticated malicious user could potentially execute arbitrary OS commands as root by…
- risk 0.57cvss 8.8epss 0.02
The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.
- risk 0.57cvss 8.8epss 0.02
The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876.
- risk 0.58cvss 8.8epss 0.10
ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection.
- risk 0.53cvss 8.1epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
- risk 0.57cvss 8.8epss 0.03
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in DOYO (aka doyocms) 2.3(20140425 update). There is a CSRF vulnerability that can add a super administrator account via admin.php?c=a_adminuser&a=add&run=1.
- risk 0.57cvss 8.8epss 0.01
CSZ CMS 1.1.8 has CSRF via admin/users/new/add.
- risk 0.51cvss 7.8epss 0.03
A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 and prior versions which could cause remote code execution when opening a specially crafted Zelio Soft project file.
- risk 0.51cvss 7.8epss 0.01
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file
- risk 0.51cvss 7.8epss 0.01
A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file
- risk 0.51cvss 7.8epss 0.01
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file
- risk 0.00cvss 7.8epss 0.01
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
- risk 0.00cvss 7.8epss 0.01
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.
- risk 0.00cvss 7.8epss 0.01
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
- risk 0.00cvss 7.8epss 0.01
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.
- risk 0.51cvss 7.8epss 0.02
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.