| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-16891 | — | Cri | 0.67 | 9.8 | 0.46 | Oct 4, 2019 | Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload. | |
| CVE-2019-17133 | Cri | 0.64 | 9.8 | 0.07 | Oct 4, 2019 | In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | ||
| CVE-2019-17132 | Cri | 0.68 | 9.8 | 0.12 | Oct 4, 2019 | vBulletin through 5.5.4 mishandles custom avatars. | ||
| CVE-2019-17113 | Cri | 0.00 | 9.8 | 0.03 | Oct 4, 2019 | In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow. | ||
| CVE-2018-10105 | Cri | 0.64 | 9.8 | 0.04 | Oct 3, 2019 | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). | ||
| CVE-2018-10103 | Cri | 0.64 | 9.8 | 0.04 | Oct 3, 2019 | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). | ||
| CVE-2019-13957 | Cri | 0.64 | 9.8 | 0.01 | Oct 2, 2019 | In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter. | ||
| CVE-2019-12736 | Cri | 0.64 | 9.8 | 0.02 | Oct 2, 2019 | JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection. | ||
| CVE-2019-12630 | Cri | 0.69 | 9.8 | 0.66 | Oct 2, 2019 | A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected… | ||
| CVE-2019-12157 | Cri | 0.64 | 9.8 | 0.02 | Oct 2, 2019 | In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands. | ||
| CVE-2019-11929 | Cri | 0.00 | 9.8 | 0.04 | Oct 2, 2019 | Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between… | ||
| CVE-2019-10212 | Cri | 0.64 | 9.8 | 0.02 | Oct 2, 2019 | A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files. | ||
| CVE-2019-13658 | Cri | 0.64 | 9.8 | 0.03 | Oct 2, 2019 | CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. | ||
| CVE-2019-13025 | Cri | 0.64 | 9.8 | 0.03 | Oct 2, 2019 | Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API… | ||
| CVE-2019-14454 | Cri | 0.64 | 9.8 | 0.02 | Oct 2, 2019 | SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation. | ||
| CVE-2019-13335 | Cri | 0.64 | 9.8 | 0.01 | Oct 2, 2019 | SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF. | ||
| CVE-2019-17067 | Cri | 0.64 | 9.8 | 0.02 | Oct 1, 2019 | PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection. | ||
| CVE-2019-16943 | — | Cri | 0.57 | 9.8 | 0.05 | Oct 1, 2019 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an… | |
| CVE-2019-16942 | — | Cri | 0.57 | 9.8 | 0.06 | Oct 1, 2019 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and… | |
| CVE-2019-10202 | — | Cri | 0.64 | 9.8 | 0.05 | Oct 1, 2019 | A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by… | |
| CVE-2019-15039 | Cri | 0.68 | 9.8 | 0.13 | Oct 1, 2019 | An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1. | ||
| CVE-2019-10431 | Cri | 0.58 | 9.9 | 0.03 | Oct 1, 2019 | A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts. | ||
| CVE-2019-15940 | Cri | 0.64 | 9.8 | 0.02 | Oct 1, 2019 | Victure PC530 devices allow unauthenticated TELNET access as root. | ||
| CVE-2019-2294 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2019 | Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,… | ||
| CVE-2019-2252 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2019 | Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &… | ||
| CVE-2019-16932 | Cri | 0.68 | 10.0 | 0.39 | Sep 30, 2019 | A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data. | ||
| CVE-2019-10540 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2019 | Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… | ||
| CVE-2019-10539 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2019 | Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice… | ||
| CVE-2019-10538 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2019 | Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice… | ||
| CVE-2019-10509 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2019 | Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W,… | ||
| CVE-2019-17040 | Cri | 0.57 | 9.8 | 0.02 | Sep 30, 2019 | contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled. | ||
| CVE-2019-16999 | Cri | 0.64 | 9.8 | 0.01 | Sep 30, 2019 | CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI. | ||
| CVE-2019-16676 | — | Cri | 0.57 | 9.8 | 0.03 | Sep 30, 2019 | Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call. | |
| CVE-2019-16941 | Cri | 0.57 | 9.8 | 0.05 | Sep 28, 2019 | NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoR… | ||
| CVE-2019-3766 | Cri | 0.64 | 9.8 | 0.02 | Sep 27, 2019 | Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-force attack to gain access to the targeted accounts. | ||
| CVE-2019-16928 | Cri | 0.79 | 9.8 | 0.42 | KEV | Sep 27, 2019 | Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command. | |
| CVE-2019-9459 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2019 | In libttspico, there is a possible OOB write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | ||
| CVE-2019-9365 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2019 | In Bluetooth, there is a possible deserialization error due to missing string validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | ||
| CVE-2019-9301 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2019 | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663384 | ||
| CVE-2019-11734 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2019 | Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects… | ||
| CVE-2019-11733 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2019 | When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering… | ||
| CVE-2019-8074 | Cri | 0.65 | 9.8 | 0.19 | Sep 27, 2019 | ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user. | ||
| CVE-2019-8073 | Cri | 0.64 | 9.8 | 0.08 | Sep 27, 2019 | ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user. | ||
| CVE-2019-16920 | Cri | 0.84 | 9.8 | 1.00 | KEV | Sep 27, 2019 | Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who… | |
| CVE-2019-16915 | Cri | 0.57 | 9.8 | 0.04 | Sep 26, 2019 | An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents. | ||
| CVE-2019-16894 | Cri | 0.67 | 9.8 | 0.03 | Sep 26, 2019 | download.php in inoERP 4.15 allows SQL injection through insecure deserialization. | ||
| CVE-2019-16755 | Cri | 0.64 | 9.8 | 0.03 | Sep 26, 2019 | BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versions:… | ||
| CVE-2019-10082 | Cri | 0.60 | 9.1 | 0.17 | Sep 26, 2019 | In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. | ||
| CVE-2015-9435 | Cri | 0.64 | 9.8 | 0.02 | Sep 26, 2019 | The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers. | ||
| CVE-2019-15941 | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2019 | OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access… |
- risk 0.67cvss 9.8epss 0.46
Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.
- risk 0.64cvss 9.8epss 0.07
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
- risk 0.68cvss 9.8epss 0.12
vBulletin through 5.5.4 mishandles custom avatars.
- risk 0.00cvss 9.8epss 0.03
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
- risk 0.64cvss 9.8epss 0.04
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).
- risk 0.64cvss 9.8epss 0.04
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).
- risk 0.64cvss 9.8epss 0.01
In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter.
- risk 0.64cvss 9.8epss 0.02
JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection.
- risk 0.69cvss 9.8epss 0.66
A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected…
- risk 0.64cvss 9.8epss 0.02
In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.
- risk 0.00cvss 9.8epss 0.04
Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions prior to 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between…
- risk 0.64cvss 9.8epss 0.02
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.
- risk 0.64cvss 9.8epss 0.03
CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.
- risk 0.64cvss 9.8epss 0.03
Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API…
- risk 0.64cvss 9.8epss 0.02
SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation.
- risk 0.64cvss 9.8epss 0.01
SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF.
- risk 0.64cvss 9.8epss 0.02
PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.
- risk 0.57cvss 9.8epss 0.05
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an…
- risk 0.57cvss 9.8epss 0.06
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and…
- risk 0.64cvss 9.8epss 0.05
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by…
- risk 0.68cvss 9.8epss 0.13
An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1.
- risk 0.58cvss 9.9epss 0.03
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64 and earlier related to the handling of default parameter expressions in constructors allowed attackers to execute arbitrary code in sandboxed scripts.
- risk 0.64cvss 9.8epss 0.02
Victure PC530 devices allow unauthenticated TELNET access as root.
- risk 0.64cvss 9.8epss 0.01
Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…
- risk 0.64cvss 9.8epss 0.01
Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…
- risk 0.68cvss 10.0epss 0.39
A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.
- risk 0.64cvss 9.8epss 0.01
Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
- risk 0.64cvss 9.8epss 0.01
Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…
- risk 0.64cvss 9.8epss 0.01
Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…
- risk 0.64cvss 9.8epss 0.01
Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W,…
- risk 0.57cvss 9.8epss 0.02
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
- risk 0.64cvss 9.8epss 0.01
CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI.
- risk 0.57cvss 9.8epss 0.03
Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call.
- risk 0.57cvss 9.8epss 0.05
NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoR…
- risk 0.64cvss 9.8epss 0.02
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-force attack to gain access to the targeted accounts.
- risk 0.79cvss 9.8epss 0.42
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
- risk 0.64cvss 9.8epss 0.01
In libttspico, there is a possible OOB write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- risk 0.64cvss 9.8epss 0.01
In Bluetooth, there is a possible deserialization error due to missing string validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- risk 0.64cvss 9.8epss 0.01
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663384
- risk 0.64cvss 9.8epss 0.01
Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects…
- risk 0.64cvss 9.8epss 0.01
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering…
- risk 0.65cvss 9.8epss 0.19
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user.
- risk 0.64cvss 9.8epss 0.08
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user.
- risk 0.84cvss 9.8epss 1.00
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who…
- risk 0.57cvss 9.8epss 0.04
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
- risk 0.67cvss 9.8epss 0.03
download.php in inoERP 4.15 allows SQL injection through insecure deserialization.
- risk 0.64cvss 9.8epss 0.03
BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versions:…
- risk 0.60cvss 9.1epss 0.17
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
- risk 0.64cvss 9.8epss 0.02
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers.
- risk 0.64cvss 9.8epss 0.02
OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access…