| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-18374 | Cri | 0.64 | 9.8 | 0.02 | Nov 25, 2019 | Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls. | ||
| CVE-2019-5870 | Cri | 0.63 | 9.6 | 0.01 | Nov 25, 2019 | Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2019-5866 | Cri | 0.64 | 9.8 | 0.01 | Nov 25, 2019 | Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5850 | Cri | 0.62 | 9.6 | 0.01 | Nov 25, 2019 | Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2012-5582 | Cri | 0.57 | 9.8 | 0.02 | Nov 25, 2019 | opendnssec misuses libcurl API | ||
| CVE-2019-18622 | — | Cri | 0.57 | 9.8 | 0.03 | Nov 22, 2019 | An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. | |
| CVE-2019-13566 | Cri | 0.00 | 9.8 | 0.03 | Nov 22, 2019 | An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname. | ||
| CVE-2014-6311 | Cri | 0.64 | 9.8 | 0.02 | Nov 22, 2019 | generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. | ||
| CVE-2014-6310 | Cri | 0.64 | 9.8 | 0.05 | Nov 22, 2019 | Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function. | ||
| CVE-2014-3585 | Cri | 0.64 | 9.8 | 0.01 | Nov 22, 2019 | redhat-upgrade-tool: Does not check GPG signatures when upgrading versions | ||
| CVE-2019-18933 | Cri | 0.57 | 9.8 | 0.01 | Nov 21, 2019 | In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal… | ||
| CVE-2019-18889 | — | Cri | 0.59 | 9.8 | 0.33 | Nov 21, 2019 | An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. | |
| CVE-2019-11325 | — | Cri | 0.64 | 9.8 | 0.03 | Nov 21, 2019 | An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter. | |
| CVE-2019-19033 | Cri | 0.64 | 9.8 | 0.03 | Nov 21, 2019 | Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. | ||
| CVE-2019-19006 | Cri | 0.72 | 9.8 | 0.37 | KEV | Nov 21, 2019 | Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. | |
| CVE-2019-18349 | Cri | 0.64 | 9.8 | 0.02 | Nov 21, 2019 | HotkeyP through 4.9 r96 allows privilege escalation in the privilege function in Commands.cpp. | ||
| CVE-2019-5509 | Cri | 0.64 | 9.8 | 0.02 | Nov 21, 2019 | ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. | ||
| CVE-2018-8879 | Cri | 0.65 | 9.8 | 0.17 | Nov 21, 2019 | Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request.… | ||
| CVE-2019-2303 | Cri | 0.64 | 9.8 | 0.01 | Nov 21, 2019 | SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,… | ||
| CVE-2019-2289 | Cri | 0.64 | 9.8 | 0.01 | Nov 21, 2019 | Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon… | ||
| CVE-2019-2271 | Cri | 0.64 | 9.8 | 0.01 | Nov 21, 2019 | Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,… | ||
| CVE-2019-2268 | Cri | 0.64 | 9.8 | 0.01 | Nov 21, 2019 | Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053,… | ||
| CVE-2019-16541 | Cri | 0.57 | 9.9 | 0.02 | Nov 21, 2019 | Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope. | ||
| CVE-2019-16340 | Cri | 0.65 | 9.8 | 0.19 | Nov 21, 2019 | Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI. | ||
| CVE-2019-10627 | Cri | 0.64 | 9.8 | 0.01 | Nov 21, 2019 | Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF… | ||
| CVE-2014-3700 | Cri | 0.64 | 9.8 | 0.03 | Nov 21, 2019 | eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data | ||
| CVE-2012-3460 | Cri | 0.64 | 9.8 | 0.01 | Nov 21, 2019 | cumin: At installation postgresql database user created without password | ||
| CVE-2013-7171 | Cri | 0.64 | 9.8 | 0.06 | Nov 21, 2019 | Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. | ||
| CVE-2015-3166 | Cri | 0.57 | 9.8 | 0.05 | Nov 20, 2019 | The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via… | ||
| CVE-2013-2093 | Cri | 0.57 | 9.8 | 0.05 | Nov 20, 2019 | Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. | ||
| CVE-2013-2091 | Cri | 0.57 | 9.8 | 0.03 | Nov 20, 2019 | SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php. | ||
| CVE-2019-18858 | Cri | 0.64 | 9.8 | 0.02 | Nov 20, 2019 | CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. | ||
| CVE-2019-5541 | Cri | 0.59 | 9.1 | 0.01 | Nov 20, 2019 | VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to… | ||
| CVE-2019-10765 | — | Cri | 0.57 | 9.8 | 0.02 | Nov 20, 2019 | iobroker.admin before 3.6.12 allows attacker to include file contents from outside the `/log/file1/` directory. | |
| CVE-2010-4660 | Cri | 0.64 | 9.8 | 0.01 | Nov 20, 2019 | Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.. | ||
| CVE-2016-9652 | Cri | 0.64 | 9.8 | 0.02 | Nov 20, 2019 | Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75. | ||
| CVE-2016-5194 | Cri | 0.64 | 9.8 | 0.01 | Nov 20, 2019 | Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. | ||
| CVE-2011-1028 | — | Cri | 0.57 | 9.8 | 0.02 | Nov 20, 2019 | The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file. | |
| CVE-2011-3350 | Cri | 0.64 | 9.8 | 0.02 | Nov 19, 2019 | masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping. | ||
| CVE-2019-10766 | — | Cri | 0.57 | 9.8 | 0.01 | Nov 19, 2019 | Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization. | |
| CVE-2011-2921 | Cri | 0.73 | 9.8 | 0.83 | Nov 19, 2019 | ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges. | ||
| CVE-2012-0824 | Cri | 0.64 | 9.8 | 0.02 | Nov 19, 2019 | gnusound 0.7.5 has format string issue | ||
| CVE-2016-1000006 | Cri | 0.57 | 9.8 | 0.02 | Nov 19, 2019 | hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. | ||
| CVE-2019-12409 | Cri | 0.65 | 9.8 | 0.22 | Nov 18, 2019 | The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring… | ||
| CVE-2019-12271 | Cri | 0.64 | 9.8 | 0.02 | Nov 18, 2019 | Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side. | ||
| CVE-2018-20687 | Cri | 0.64 | 9.8 | 0.03 | Nov 18, 2019 | An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML… | ||
| CVE-2011-5331 | Cri | 0.64 | 9.8 | 0.03 | Nov 18, 2019 | Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. | ||
| CVE-2011-5330 | Cri | 0.64 | 9.8 | 0.02 | Nov 18, 2019 | Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. | ||
| CVE-2019-19113 | Cri | 0.64 | 9.8 | 0.02 | Nov 18, 2019 | main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection. | ||
| CVE-2019-17058 | Cri | 0.59 | 9.1 | 0.02 | Nov 18, 2019 | Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file. |
- risk 0.64cvss 9.8epss 0.02
Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls.
- risk 0.63cvss 9.6epss 0.01
Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.64cvss 9.8epss 0.01
Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.62cvss 9.6epss 0.01
Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.57cvss 9.8epss 0.02
opendnssec misuses libcurl API
- risk 0.57cvss 9.8epss 0.03
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
- risk 0.00cvss 9.8epss 0.03
An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname.
- risk 0.64cvss 9.8epss 0.02
generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges.
- risk 0.64cvss 9.8epss 0.05
Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function.
- risk 0.64cvss 9.8epss 0.01
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions
- risk 0.57cvss 9.8epss 0.01
In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new user signup process meant that users who registered their account using social authentication (e.g., GitHub or Google SSO) in an organization that also allows password authentication could have their personal…
- risk 0.59cvss 9.8epss 0.33
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
- risk 0.64cvss 9.8epss 0.03
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
- risk 0.72cvss 9.8epss 0.37
Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control.
- risk 0.64cvss 9.8epss 0.02
HotkeyP through 4.9 r96 allows privilege escalation in the privilege function in Commands.cpp.
- risk 0.64cvss 9.8epss 0.02
ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.
- risk 0.65cvss 9.8epss 0.17
Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request.…
- risk 0.64cvss 9.8epss 0.01
SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,…
- risk 0.64cvss 9.8epss 0.01
Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon…
- risk 0.64cvss 9.8epss 0.01
Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,…
- risk 0.64cvss 9.8epss 0.01
Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053,…
- risk 0.57cvss 9.9epss 0.02
Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.
- risk 0.65cvss 9.8epss 0.19
Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI.
- risk 0.64cvss 9.8epss 0.01
Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF…
- risk 0.64cvss 9.8epss 0.03
eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data
- risk 0.64cvss 9.8epss 0.01
cumin: At installation postgresql database user created without password
- risk 0.64cvss 9.8epss 0.06
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.
- risk 0.57cvss 9.8epss 0.05
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via…
- risk 0.57cvss 9.8epss 0.05
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands.
- risk 0.57cvss 9.8epss 0.03
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php.
- risk 0.64cvss 9.8epss 0.02
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
- risk 0.59cvss 9.1epss 0.01
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to…
- risk 0.57cvss 9.8epss 0.02
iobroker.admin before 3.6.12 allows attacker to include file contents from outside the `/log/file1/` directory.
- risk 0.64cvss 9.8epss 0.01
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..
- risk 0.64cvss 9.8epss 0.02
Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75.
- risk 0.64cvss 9.8epss 0.01
Unspecified vulnerabilities in Google Chrome before 54.0.2840.59.
- risk 0.57cvss 9.8epss 0.02
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.
- risk 0.64cvss 9.8epss 0.02
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
- risk 0.57cvss 9.8epss 0.01
Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization.
- risk 0.73cvss 9.8epss 0.83
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.
- risk 0.64cvss 9.8epss 0.02
gnusound 0.7.5 has format string issue
- risk 0.57cvss 9.8epss 0.02
hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
- risk 0.65cvss 9.8epss 0.22
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring…
- risk 0.64cvss 9.8epss 0.02
Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side.
- risk 0.64cvss 9.8epss 0.03
An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML…
- risk 0.64cvss 9.8epss 0.03
Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.
- risk 0.64cvss 9.8epss 0.02
Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls.
- risk 0.64cvss 9.8epss 0.02
main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection.
- risk 0.59cvss 9.1epss 0.02
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.