| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-14193 | Cri | 0.64 | 9.8 | 0.02 | Jul 31, 2019 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. | ||
| CVE-2019-14192 | Cri | 0.64 | 9.8 | 0.03 | Jul 31, 2019 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. | ||
| CVE-2019-5454 | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2019 | SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account. | ||
| CVE-2019-13026 | Cri | 0.64 | 9.8 | 0.01 | Jul 30, 2019 | OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. This includes all shopping cart options, customer data, and the database. No interaction between the attacker and the victim is necessary. | ||
| CVE-2018-20871 | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2019 | In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890). | ||
| CVE-2019-14313 | Cri | 0.64 | 9.8 | 0.04 | Jul 30, 2019 | A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php. | ||
| CVE-2019-11202 | — | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2019 | An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher… | |
| CVE-2018-20863 | Cri | 0.64 | 9.8 | 0.02 | Jul 30, 2019 | cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). | ||
| CVE-2019-13635 | Cri | 0.63 | 9.1 | 0.45 | Jul 30, 2019 | The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal. | ||
| CVE-2015-9290 | Cri | 0.64 | 9.8 | 0.03 | Jul 30, 2019 | In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. | ||
| CVE-2019-14431 | Cri | 0.64 | 9.8 | 0.04 | Jul 29, 2019 | In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server… | ||
| CVE-2018-11773 | Cri | 0.64 | 9.8 | 0.02 | Jul 29, 2019 | Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the php built in function strtotime. This allows for an attack against the underlying implementation of that… | ||
| CVE-2019-14271 | — | Cri | 0.58 | 9.8 | 0.19 | Jul 29, 2019 | In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. | |
| CVE-2019-13571 | Cri | 0.64 | 9.8 | 0.04 | Jul 29, 2019 | A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system. | ||
| CVE-2019-14379 | — | Cri | 0.57 | 9.8 | 0.08 | Jul 29, 2019 | SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | |
| CVE-2019-14363 | Cri | 0.64 | 9.8 | 0.03 | Jul 28, 2019 | A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet. | ||
| CVE-2017-18379 | Cri | 0.00 | 9.8 | 0.03 | Jul 27, 2019 | In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. | ||
| CVE-2016-10764 | Cri | 0.57 | 9.8 | 0.03 | Jul 27, 2019 | In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead. | ||
| CVE-2012-6712 | Cri | 0.57 | 9.8 | 0.03 | Jul 27, 2019 | In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. | ||
| CVE-2011-5327 | Cri | 0.57 | 9.8 | 0.04 | Jul 27, 2019 | In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. | ||
| CVE-2007-6762 | Cri | 0.57 | 9.8 | 0.03 | Jul 27, 2019 | In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. | ||
| CVE-2019-13990 | — | Cri | 0.58 | 9.8 | 0.16 | Jul 26, 2019 | initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. | |
| CVE-2019-14282 | — | Cri | 0.64 | 9.8 | 0.03 | Jul 26, 2019 | The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | |
| CVE-2019-14281 | — | Cri | 0.64 | 9.8 | 0.03 | Jul 26, 2019 | The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | |
| CVE-2019-14277 | Cri | 0.64 | 9.8 | 0.07 | Jul 26, 2019 | Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI… | ||
| CVE-2019-5604 | Cri | 0.63 | 9.6 | 0.03 | Jul 26, 2019 | In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data… | ||
| CVE-2019-10744 | — | Cri | 0.00 | 9.1 | 0.05 | Jul 26, 2019 | Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. | |
| CVE-2018-11779 | Cri | 0.64 | 9.8 | 0.03 | Jul 26, 2019 | In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class. | ||
| CVE-2019-11921 | Cri | 0.00 | 9.8 | 0.02 | Jul 25, 2019 | An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00. | ||
| CVE-2019-13917 | Cri | 0.64 | 9.8 | 0.09 | Jul 25, 2019 | Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). | ||
| CVE-2019-9885 | Cri | 0.64 | 9.8 | 0.03 | Jul 25, 2019 | eClass platform < ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenview_left.php StudentID parameter. | ||
| CVE-2019-9884 | Cri | 0.64 | 9.8 | 0.03 | Jul 25, 2019 | eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page. | ||
| CVE-2019-2327 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,… | ||
| CVE-2019-2322 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in… | ||
| CVE-2019-2309 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,… | ||
| CVE-2019-2307 | Cri | 0.64 | 9.8 | 0.02 | Jul 25, 2019 | Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice… | ||
| CVE-2019-2305 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150,… | ||
| CVE-2019-2276 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music… | ||
| CVE-2019-2254 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,… | ||
| CVE-2019-2253 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150,… | ||
| CVE-2019-1010176 | Cri | 0.64 | 9.8 | 0.03 | Jul 25, 2019 | JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow. The impact is: denial of service and possibly arbitrary code execution. The component is: function lit_char_to_utf8_bytes (jerry-core/lit/lit-char-helpers.c:377). The attack vector is:… | ||
| CVE-2019-1010174 | Cri | 0.64 | 9.8 | 0.05 | Jul 25, 2019 | CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network() function. The attack vector is: Loading an image from a user-controllable url can lead to command injection, because no string sanitization is done… | ||
| CVE-2019-1010161 | Cri | 0.64 | 9.8 | 0.01 | Jul 25, 2019 | perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypass… | ||
| CVE-2019-1010191 | Cri | 0.00 | 9.8 | 0.01 | Jul 24, 2019 | marginalia < 1.6 is affected by: SQL Injection. The impact is: The impact is a injection of any SQL queries when a user controller argument is added as a component. The component is: Affects users that add a component that is user controller, for instance a parameter or a… | ||
| CVE-2019-1010179 | Cri | 0.64 | 9.8 | 0.03 | Jul 24, 2019 | PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The impact is: It is possible to manipulate gpg-keys or execute commands remotely. The component is: function… | ||
| CVE-2019-1010178 | Cri | 0.64 | 9.8 | 0.05 | Jul 24, 2019 | Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed… | ||
| CVE-2019-1010177 | Cri | 0.64 | 9.8 | 0.02 | Jul 24, 2019 | Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit… | ||
| CVE-2019-2856 | Cri | 0.64 | 9.8 | 0.02 | Jul 23, 2019 | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). Supported versions that are affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to… | ||
| CVE-2019-2828 | Cri | 0.63 | 9.6 | 0.02 | Jul 23, 2019 | Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to… | ||
| CVE-2019-2775 | Cri | 0.59 | 9.1 | 0.02 | Jul 23, 2019 | Vulnerability in the Oracle Payments component of Oracle E-Business Suite (subcomponent: File Transmission). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via… |
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.
- risk 0.64cvss 9.8epss 0.02
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.
- risk 0.64cvss 9.8epss 0.01
OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. This includes all shopping cart options, customer data, and the database. No interaction between the attacker and the victim is necessary.
- risk 0.64cvss 9.8epss 0.02
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).
- risk 0.64cvss 9.8epss 0.04
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher…
- risk 0.64cvss 9.8epss 0.02
cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452).
- risk 0.63cvss 9.1epss 0.45
The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal.
- risk 0.64cvss 9.8epss 0.03
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
- risk 0.64cvss 9.8epss 0.04
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server…
- risk 0.64cvss 9.8epss 0.02
Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the php built in function strtotime. This allows for an attack against the underlying implementation of that…
- risk 0.58cvss 9.8epss 0.19
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
- risk 0.64cvss 9.8epss 0.04
A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
- risk 0.57cvss 9.8epss 0.08
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
- risk 0.64cvss 9.8epss 0.03
A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet.
- risk 0.00cvss 9.8epss 0.03
In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.
- risk 0.57cvss 9.8epss 0.03
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.
- risk 0.57cvss 9.8epss 0.03
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.
- risk 0.57cvss 9.8epss 0.04
In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.
- risk 0.57cvss 9.8epss 0.03
In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.
- risk 0.58cvss 9.8epss 0.16
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
- risk 0.64cvss 9.8epss 0.03
The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
- risk 0.64cvss 9.8epss 0.03
The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
- risk 0.64cvss 9.8epss 0.07
Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI…
- risk 0.63cvss 9.6epss 0.03
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data…
- risk 0.00cvss 9.1epss 0.05
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
- risk 0.64cvss 9.8epss 0.03
In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class.
- risk 0.00cvss 9.8epss 0.02
An out of bounds write is possible via a specially crafted packet in certain configurations of Proxygen due to improper handling of Base64 when parsing malformed binary content in Structured HTTP Headers. This issue affects versions of proxygen prior to v2019.07.22.00.
- risk 0.64cvss 9.8epss 0.09
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
- risk 0.64cvss 9.8epss 0.03
eClass platform < ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenview_left.php StudentID parameter.
- risk 0.64cvss 9.8epss 0.03
eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page.
- risk 0.64cvss 9.8epss 0.01
Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,…
- risk 0.64cvss 9.8epss 0.01
Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in…
- risk 0.64cvss 9.8epss 0.01
While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…
- risk 0.64cvss 9.8epss 0.02
Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice…
- risk 0.64cvss 9.8epss 0.01
Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150,…
- risk 0.64cvss 9.8epss 0.01
Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music…
- risk 0.64cvss 9.8epss 0.01
Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,…
- risk 0.64cvss 9.8epss 0.01
Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150,…
- risk 0.64cvss 9.8epss 0.03
JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affected by: Buffer Overflow. The impact is: denial of service and possibly arbitrary code execution. The component is: function lit_char_to_utf8_bytes (jerry-core/lit/lit-char-helpers.c:377). The attack vector is:…
- risk 0.64cvss 9.8epss 0.05
CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network() function. The attack vector is: Loading an image from a user-controllable url can lead to command injection, because no string sanitization is done…
- risk 0.64cvss 9.8epss 0.01
perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypass…
- risk 0.00cvss 9.8epss 0.01
marginalia < 1.6 is affected by: SQL Injection. The impact is: The impact is a injection of any SQL queries when a user controller argument is added as a component. The component is: Affects users that add a component that is user controller, for instance a parameter or a…
- risk 0.64cvss 9.8epss 0.03
PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The impact is: It is possible to manipulate gpg-keys or execute commands remotely. The component is: function…
- risk 0.64cvss 9.8epss 0.05
Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed…
- risk 0.64cvss 9.8epss 0.02
Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: denial of service and possibly arbitrary code execution. The component is: function Jsi_RegExpNew (jsi/jsiRegexp.c:39). The attack vector is: executing crafted javascript code. The fixed version is: after commit…
- risk 0.64cvss 9.8epss 0.02
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). Supported versions that are affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to…
- risk 0.63cvss 9.6epss 0.02
Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…
- risk 0.59cvss 9.1epss 0.02
Vulnerability in the Oracle Payments component of Oracle E-Business Suite (subcomponent: File Transmission). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via…