| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-17412 | Cri | 0.64 | 9.8 | 0.02 | Mar 7, 2019 | zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header. | ||
| CVE-2018-16809 | Cri | 0.64 | 9.8 | 0.02 | Mar 7, 2019 | An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit. | ||
| CVE-2018-18815 | Cri | 0.65 | 10.0 | 0.03 | Mar 7, 2019 | The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a… | ||
| CVE-2019-0192 | Cri | 0.70 | 9.8 | 0.78 | Mar 7, 2019 | In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on… | ||
| CVE-2019-5019 | Cri | 0.64 | 9.8 | 0.02 | Mar 7, 2019 | A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking… | ||
| CVE-2019-9626 | Cri | 0.64 | 9.8 | 0.01 | Mar 7, 2019 | PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to index.php. | ||
| CVE-2019-9623 | Cri | 0.67 | 9.8 | 0.08 | Mar 7, 2019 | Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php. | ||
| CVE-2019-0187 | — | Cri | 0.64 | 9.8 | 0.03 | Mar 6, 2019 | Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests… | |
| CVE-2019-9594 | Cri | 0.64 | 9.8 | 0.01 | Mar 6, 2019 | BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit request. | ||
| CVE-2019-0729 | Cri | 0.64 | 9.8 | 0.03 | Mar 5, 2019 | An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'. | ||
| CVE-2019-0626 | Cri | 0.69 | 9.8 | 0.68 | Mar 5, 2019 | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. | ||
| CVE-2019-0604 | Cri | 0.93 | 9.8 | 1.00 | KEV | Mar 5, 2019 | A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. | |
| CVE-2019-3922 | Cri | 0.64 | 9.8 | 0.05 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetup_Form. An attacker can leverage this vulnerability to potentially… | ||
| CVE-2019-3918 | Cri | 0.64 | 9.8 | 0.02 | Mar 5, 2019 | The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces. | ||
| CVE-2019-6563 | Cri | 0.64 | 9.8 | 0.02 | Mar 5, 2019 | Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device. | ||
| CVE-2019-6557 | Cri | 0.64 | 9.8 | 0.05 | Mar 5, 2019 | Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution. | ||
| CVE-2019-6524 | Cri | 0.64 | 9.8 | 0.03 | Mar 5, 2019 | Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack. | ||
| CVE-2019-6522 | Cri | 0.59 | 9.1 | 0.03 | Mar 5, 2019 | Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot. | ||
| CVE-2018-19725 | Cri | 0.64 | 9.8 | 0.04 | Mar 5, 2019 | Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation. | ||
| CVE-2019-4032 | Cri | 0.64 | 9.8 | 0.02 | Mar 5, 2019 | IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM… | ||
| CVE-2019-8262 | Cri | 0.64 | 9.8 | 0.05 | Mar 5, 2019 | UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204. | ||
| CVE-2019-8261 | Cri | 0.64 | 9.8 | 0.02 | Mar 5, 2019 | UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200. | ||
| CVE-2019-8260 | Cri | 0.64 | 9.8 | 0.02 | Mar 5, 2019 | UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200. | ||
| CVE-2019-8258 | Cri | 0.64 | 9.8 | 0.04 | Mar 5, 2019 | UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199. | ||
| CVE-2018-15361 | Cri | 0.64 | 9.8 | 0.03 | Mar 5, 2019 | UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199. | ||
| CVE-2019-6235 | Cri | 0.65 | 10.0 | 0.02 | Mar 4, 2019 | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. | ||
| CVE-2019-6206 | Cri | 0.64 | 9.8 | 0.01 | Mar 4, 2019 | An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after they were manually cleared. | ||
| CVE-2019-9566 | Cri | 0.64 | 9.8 | 0.02 | Mar 4, 2019 | FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request. | ||
| CVE-2019-9565 | Cri | 0.59 | 9.1 | 0.02 | Mar 4, 2019 | Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 before 10.1.2147 allows remote attackers to steal NTLM hashes or perform SMB relay attacks upon a direct launch of the product, or upon an indirect launch via an integration such as Chrome, Firefox, Word,… | ||
| CVE-2019-9552 | — | Cri | 0.64 | 9.8 | 0.02 | Mar 4, 2019 | Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the p2p/api/ or p2p/lib/ or p2p/images/ URI. | |
| CVE-2019-9546 | Cri | 0.64 | 9.8 | 0.03 | Mar 1, 2019 | SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service. | ||
| CVE-2019-9483 | Cri | 0.59 | 9.1 | 0.01 | Mar 1, 2019 | Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door. | ||
| CVE-2019-1663 | Cri | 0.74 | 9.8 | 0.96 | Feb 28, 2019 | A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected… | ||
| CVE-2018-18498 | Cri | 0.64 | 9.8 | 0.04 | Feb 28, 2019 | A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4,… | ||
| CVE-2018-18493 | Cri | 0.64 | 9.8 | 0.05 | Feb 28, 2019 | A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4,… | ||
| CVE-2018-18492 | Cri | 0.64 | 9.8 | 0.10 | Feb 28, 2019 | A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox <… | ||
| CVE-2018-12407 | Cri | 0.64 | 9.8 | 0.03 | Feb 28, 2019 | A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64. | ||
| CVE-2018-12405 | Cri | 0.64 | 9.8 | 0.03 | Feb 28, 2019 | Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This… | ||
| CVE-2018-12392 | Cri | 0.64 | 9.8 | 0.03 | Feb 28, 2019 | When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. | ||
| CVE-2018-12390 | Cri | 0.64 | 9.8 | 0.03 | Feb 28, 2019 | Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This… | ||
| CVE-2019-9227 | Cri | 0.64 | 9.8 | 0.04 | Feb 28, 2019 | An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file. | ||
| CVE-2019-9215 | Cri | 0.64 | 9.8 | 0.02 | Feb 28, 2019 | In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function. | ||
| CVE-2019-9212 | Cri | 0.64 | 9.8 | 0.03 | Feb 27, 2019 | SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because blacklisting of com.caucho.naming.QName and com.sun.org.apache.xpath.internal.objects.XString is mishandled, related to Resin Gadget. NOTE: The vendor… | ||
| CVE-2019-9201 | Cri | 0.64 | 9.8 | 0.03 | Feb 26, 2019 | Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories. | ||
| CVE-2019-9195 | Cri | 0.00 | 9.8 | 0.04 | Feb 26, 2019 | util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive. | ||
| CVE-2019-9194 | Cri | 0.04 | 9.8 | 0.97 | Feb 26, 2019 | elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. | ||
| CVE-2019-7392 | Cri | 0.59 | 9.1 | 0.02 | Feb 26, 2019 | An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration. | ||
| CVE-2019-9184 | Cri | 0.67 | 9.8 | 0.09 | Feb 26, 2019 | SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter. | ||
| CVE-2019-6592 | Cri | 0.59 | 9.1 | 0.01 | Feb 26, 2019 | On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles. | ||
| CVE-2019-9169 | Cri | 0.64 | 9.8 | 0.05 | Feb 26, 2019 | In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. |
- risk 0.64cvss 9.8epss 0.02
zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit.
- risk 0.65cvss 10.0epss 0.03
The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a…
- risk 0.70cvss 9.8epss 0.78
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on…
- risk 0.64cvss 9.8epss 0.02
A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking…
- risk 0.64cvss 9.8epss 0.01
PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to index.php.
- risk 0.67cvss 9.8epss 0.08
Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "<!--#exec cmd=" in a .shtml file to ck_upload_handler.php.
- risk 0.64cvss 9.8epss 0.03
Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests…
- risk 0.64cvss 9.8epss 0.01
BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit request.
- risk 0.64cvss 9.8epss 0.03
An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.
- risk 0.69cvss 9.8epss 0.68
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.
- risk 0.93cvss 9.8epss 1.00
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.
- risk 0.64cvss 9.8epss 0.05
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetup_Form. An attacker can leverage this vulnerability to potentially…
- risk 0.64cvss 9.8epss 0.02
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces.
- risk 0.64cvss 9.8epss 0.02
Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device.
- risk 0.64cvss 9.8epss 0.05
Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution.
- risk 0.64cvss 9.8epss 0.03
Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack.
- risk 0.59cvss 9.1epss 0.03
Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.
- risk 0.64cvss 9.8epss 0.02
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM…
- risk 0.64cvss 9.8epss 0.05
UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204.
- risk 0.64cvss 9.8epss 0.02
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.
- risk 0.64cvss 9.8epss 0.02
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200.
- risk 0.64cvss 9.8epss 0.04
UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.
- risk 0.64cvss 9.8epss 0.03
UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1199.
- risk 0.65cvss 10.0epss 0.02
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.
- risk 0.64cvss 9.8epss 0.01
An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after they were manually cleared.
- risk 0.64cvss 9.8epss 0.02
FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request.
- risk 0.59cvss 9.1epss 0.02
Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 before 10.1.2147 allows remote attackers to steal NTLM hashes or perform SMB relay attacks upon a direct launch of the product, or upon an indirect launch via an integration such as Chrome, Firefox, Word,…
- risk 0.64cvss 9.8epss 0.02
Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the p2p/api/ or p2p/lib/ or p2p/images/ URI.
- risk 0.64cvss 9.8epss 0.03
SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
- risk 0.59cvss 9.1epss 0.01
Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.
- risk 0.74cvss 9.8epss 0.96
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected…
- risk 0.64cvss 9.8epss 0.04
A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4,…
- risk 0.64cvss 9.8epss 0.05
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4,…
- risk 0.64cvss 9.8epss 0.10
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox <…
- risk 0.64cvss 9.8epss 0.03
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64.
- risk 0.64cvss 9.8epss 0.03
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This…
- risk 0.64cvss 9.8epss 0.03
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
- risk 0.64cvss 9.8epss 0.03
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This…
- risk 0.64cvss 9.8epss 0.04
An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file.
- risk 0.64cvss 9.8epss 0.02
In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
- risk 0.64cvss 9.8epss 0.03
SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because blacklisting of com.caucho.naming.QName and com.sun.org.apache.xpath.internal.objects.XString is mishandled, related to Resin Gadget. NOTE: The vendor…
- risk 0.64cvss 9.8epss 0.03
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
- risk 0.00cvss 9.8epss 0.04
util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive.
- risk 0.04cvss 9.8epss 0.97
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
- risk 0.59cvss 9.1epss 0.02
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
- risk 0.67cvss 9.8epss 0.09
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.
- risk 0.59cvss 9.1epss 0.01
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
- risk 0.64cvss 9.8epss 0.05
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.