| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-3980 | Hig | 0.51 | 7.8 | 0.01 | Feb 6, 2019 | An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger… | ||
| CVE-2018-3976 | Hig | 0.51 | 7.8 | 0.02 | Feb 6, 2019 | An exploitable out-of-bounds write exists in the CALS Raster file format-parsing functionality of Canvas Draw version 5.0.0.28. A specially crafted CAL image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a… | ||
| CVE-2018-3973 | Hig | 0.51 | 7.8 | 0.02 | Feb 6, 2019 | An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this… | ||
| CVE-2018-16890 | Hig | 0.49 | 7.5 | 0.05 | Feb 6, 2019 | libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow… | ||
| CVE-2019-1003016 | Hig | 0.57 | 8.8 | 0.01 | Feb 6, 2019 | An exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenkins/ci/plugins/jobimport/JobImportGlobalConfig.java,… | ||
| CVE-2019-1003011 | Hig | 0.46 | 8.1 | 0.02 | Feb 6, 2019 | An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/toke… | ||
| CVE-2019-1003009 | Hig | 0.41 | 7.4 | 0.01 | Feb 6, 2019 | An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java,… | ||
| CVE-2019-1003008 | Hig | 0.57 | 8.8 | 0.01 | Feb 6, 2019 | A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint. | ||
| CVE-2019-1003007 | Hig | 0.00 | 8.8 | 0.01 | Feb 6, 2019 | A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and earlier in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint. | ||
| CVE-2019-1003006 | Hig | 0.50 | 8.8 | 0.02 | Feb 6, 2019 | A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code… | ||
| CVE-2019-1003005 | Hig | 0.55 | 8.8 | 0.19 | Feb 6, 2019 | A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint… | ||
| CVE-2018-18334 | Hig | 0.49 | 7.5 | 0.03 | Feb 5, 2019 | A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations. | ||
| CVE-2018-18333 | Hig | 0.51 | 7.8 | 0.02 | Feb 5, 2019 | A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations. | ||
| CVE-2019-6521 | Hig | 0.56 | 8.6 | 0.02 | Feb 5, 2019 | WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information. | ||
| CVE-2018-18503 | Hig | 0.57 | 8.8 | 0.01 | Feb 5, 2019 | When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65. | ||
| CVE-2018-8799 | Hig | 0.00 | 7.5 | 0.04 | Feb 5, 2019 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault). | ||
| CVE-2018-8798 | Hig | 0.00 | 7.5 | 0.04 | Feb 5, 2019 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak. | ||
| CVE-2018-8796 | Hig | 0.00 | 7.5 | 0.04 | Feb 5, 2019 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault). | ||
| CVE-2018-8792 | Hig | 0.00 | 7.5 | 0.04 | Feb 5, 2019 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault). | ||
| CVE-2018-8791 | Hig | 0.00 | 7.5 | 0.04 | Feb 5, 2019 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak. | ||
| CVE-2018-20252 | Hig | 0.51 | 7.8 | 0.04 | Feb 5, 2019 | In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user. | ||
| CVE-2018-20250 | Hig | 0.79 | 7.8 | 0.96 | KEV | Feb 5, 2019 | In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating… | |
| CVE-2019-6535 | Hig | 0.49 | 7.5 | 0.04 | Feb 5, 2019 | Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result… | ||
| CVE-2018-19029 | Hig | 0.51 | 7.8 | 0.03 | Feb 5, 2019 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash. | ||
| CVE-2018-19002 | Hig | 0.51 | 7.8 | 0.03 | Feb 5, 2019 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash. | ||
| CVE-2018-18992 | Hig | 0.57 | 8.8 | 0.02 | Feb 5, 2019 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server. | ||
| CVE-2018-18986 | Hig | 0.51 | 7.8 | 0.03 | Feb 5, 2019 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution. | ||
| CVE-2019-3818 | Hig | 0.49 | 7.5 | 0.01 | Feb 5, 2019 | The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and… | ||
| CVE-2018-11803 | Hig | 0.53 | 7.5 | 0.58 | Feb 5, 2019 | Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation. | ||
| CVE-2018-15658 | Hig | 0.49 | 7.5 | 0.02 | Feb 5, 2019 | An issue was discovered in 42Gears SureMDM before 2018-11-27. By visiting the page found at /console/ConsolePage/Master.html, an attacker is able to see the markup that would be presented to an authenticated user. This is caused by the session validation occurring after the… | ||
| CVE-2018-15657 | Hig | 0.51 | 7.3 | 0.02 | Feb 5, 2019 | An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter. | ||
| CVE-2018-15656 | Hig | 0.49 | 7.5 | 0.02 | Feb 5, 2019 | An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27. An attacker can submit a GET request to /api/register/:email, where :email is a base64 encoded e-mail address, to receive confirmation as to whether a user account exists in the system… | ||
| CVE-2019-7398 | Hig | 0.42 | 7.5 | 0.04 | Feb 5, 2019 | In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. | ||
| CVE-2019-7397 | Hig | 0.42 | 7.5 | 0.04 | Feb 5, 2019 | In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. | ||
| CVE-2019-7396 | Hig | 0.42 | 7.5 | 0.03 | Feb 5, 2019 | In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. | ||
| CVE-2019-7395 | Hig | 0.42 | 7.5 | 0.03 | Feb 5, 2019 | In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. | ||
| CVE-2019-7390 | Hig | 0.56 | 8.6 | 0.02 | Feb 5, 2019 | An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API. | ||
| CVE-2019-7389 | Hig | 0.49 | 7.5 | 0.03 | Feb 5, 2019 | An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a… | ||
| CVE-2019-7388 | Hig | 0.49 | 7.5 | 0.03 | Feb 5, 2019 | An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an… | ||
| CVE-2018-15778 | Hig | 0.57 | 8.8 | 0.00 | Feb 4, 2019 | Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). | ||
| CVE-2019-1000022 | Hig | 0.57 | 8.8 | 0.01 | Feb 4, 2019 | Taoensso Sente version Prior to version 1.14.0 contains a Cross Site Request Forgery (CSRF) vulnerability in WebSocket handshake endpoint that can result in CSRF attack, possible leak of anti-CSRF token. This attack appears to be exploitable via malicious request against… | ||
| CVE-2019-1000021 | Hig | 0.42 | 7.5 | 0.02 | Feb 4, 2019 | slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access model that can result in all… | ||
| CVE-2019-1000018 | Hig | 0.51 | 7.8 | 0.02 | Feb 4, 2019 | rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the… | ||
| CVE-2019-1000014 | Hig | 0.00 | 8.8 | 0.02 | Feb 4, 2019 | Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via Victim fetches packages from… | ||
| CVE-2019-1000013 | Hig | 0.00 | 8.8 | 0.01 | Feb 4, 2019 | Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from… | ||
| CVE-2019-1000012 | Hig | 0.00 | 8.8 | 0.01 | Feb 4, 2019 | Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from… | ||
| CVE-2019-1000007 | Hig | 0.41 | 7.4 | 0.01 | Feb 4, 2019 | aioxmpp version 0.10.2 and earlier contains a Improper Handling of Structural Elements vulnerability in Stanza Parser, rollback during error processing, aioxmpp.xso.model.guard function that can result in Denial of Service, Other. This attack appears to be exploitable via… | ||
| CVE-2019-1000005 | Hig | 0.57 | 8.8 | 0.02 | Feb 4, 2019 | mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of Untrusted Data vulnerability in getImage() method of Image/ImageProcessor class that can result in Arbitry code execution, file write, etc.. This attack appears to be exploitable via attacker must host crafted… | ||
| CVE-2019-1000003 | Hig | 0.57 | 8.8 | 0.01 | Feb 4, 2019 | MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery (CSRF) vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvg_save that can result in an attacker can modify post data, including embedding javascript. This attack appears to be exploitable via… | ||
| CVE-2018-1970 | Hig | 0.46 | 7.1 | 0.02 | Feb 4, 2019 | IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 153751. |
- risk 0.51cvss 7.8epss 0.01
An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger…
- risk 0.51cvss 7.8epss 0.02
An exploitable out-of-bounds write exists in the CALS Raster file format-parsing functionality of Canvas Draw version 5.0.0.28. A specially crafted CAL image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a…
- risk 0.51cvss 7.8epss 0.02
An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this…
- risk 0.49cvss 7.5epss 0.05
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow…
- risk 0.57cvss 8.8epss 0.01
An exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenkins/ci/plugins/jobimport/JobImportGlobalConfig.java,…
- risk 0.46cvss 8.1epss 0.02
An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/toke…
- risk 0.41cvss 7.4epss 0.01
An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java,…
- risk 0.57cvss 8.8epss 0.01
A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.
- risk 0.00cvss 8.8epss 0.01
A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and earlier in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.
- risk 0.50cvss 8.8epss 0.02
A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code…
- risk 0.55cvss 8.8epss 0.19
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint…
- risk 0.49cvss 7.5epss 0.03
A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations.
- risk 0.51cvss 7.8epss 0.02
A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.
- risk 0.56cvss 8.6epss 0.02
WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information.
- risk 0.57cvss 8.8epss 0.01
When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.
- risk 0.00cvss 7.5epss 0.04
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).
- risk 0.00cvss 7.5epss 0.04
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.
- risk 0.00cvss 7.5epss 0.04
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).
- risk 0.00cvss 7.5epss 0.04
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault).
- risk 0.00cvss 7.5epss 0.04
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak.
- risk 0.51cvss 7.8epss 0.04
In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
- risk 0.79cvss 7.8epss 0.96
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating…
- risk 0.49cvss 7.5epss 0.04
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result…
- risk 0.51cvss 7.8epss 0.03
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash.
- risk 0.51cvss 7.8epss 0.03
LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.
- risk 0.57cvss 8.8epss 0.02
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.
- risk 0.51cvss 7.8epss 0.03
LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution.
- risk 0.49cvss 7.5epss 0.01
The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and…
- risk 0.53cvss 7.5epss 0.58
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in 42Gears SureMDM before 2018-11-27. By visiting the page found at /console/ConsolePage/Master.html, an attacker is able to see the markup that would be presented to an authenticated user. This is caused by the session validation occurring after the…
- risk 0.51cvss 7.3epss 0.02
An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27. An attacker can submit a GET request to /api/register/:email, where :email is a base64 encoded e-mail address, to receive confirmation as to whether a user account exists in the system…
- risk 0.42cvss 7.5epss 0.04
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
- risk 0.42cvss 7.5epss 0.04
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
- risk 0.42cvss 7.5epss 0.03
In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.
- risk 0.42cvss 7.5epss 0.03
In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
- risk 0.56cvss 8.6epss 0.02
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a…
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an…
- risk 0.57cvss 8.8epss 0.00
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).
- risk 0.57cvss 8.8epss 0.01
Taoensso Sente version Prior to version 1.14.0 contains a Cross Site Request Forgery (CSRF) vulnerability in WebSocket handshake endpoint that can result in CSRF attack, possible leak of anti-CSRF token. This attack appears to be exploitable via malicious request against…
- risk 0.42cvss 7.5epss 0.02
slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access model that can result in all…
- risk 0.51cvss 7.8epss 0.02
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the…
- risk 0.00cvss 8.8epss 0.02
Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via Victim fetches packages from…
- risk 0.00cvss 8.8epss 0.01
Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from…
- risk 0.00cvss 8.8epss 0.01
Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from…
- risk 0.41cvss 7.4epss 0.01
aioxmpp version 0.10.2 and earlier contains a Improper Handling of Structural Elements vulnerability in Stanza Parser, rollback during error processing, aioxmpp.xso.model.guard function that can result in Denial of Service, Other. This attack appears to be exploitable via…
- risk 0.57cvss 8.8epss 0.02
mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of Untrusted Data vulnerability in getImage() method of Image/ImageProcessor class that can result in Arbitry code execution, file write, etc.. This attack appears to be exploitable via attacker must host crafted…
- risk 0.57cvss 8.8epss 0.01
MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery (CSRF) vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvg_save that can result in an attacker can modify post data, including embedding javascript. This attack appears to be exploitable via…
- risk 0.46cvss 7.1epss 0.02
IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 153751.