Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-10778 | 1 Devcert-sanscache Project | 1 Devcert-sanscache | 2020-01-13 | 7.5 HIGH | 9.8 CRITICAL |
| devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. The variable `commonName` controlled by user input is used as part of the `exec` function without any sanitization. | |||||
| CVE-2019-15785 | 1 Fontforge | 1 Fontforge | 2020-01-13 | 7.5 HIGH | 9.8 CRITICAL |
| FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c. | |||||
| CVE-2019-10776 | 1 Git-diff-apply Project | 1 Git-diff-apply | 2020-01-12 | 7.5 HIGH | 9.8 CRITICAL |
| In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2. | |||||
| CVE-2017-7324 | 1 Modx | 1 Modx Revolution | 2020-01-10 | 7.5 HIGH | 9.8 CRITICAL |
| setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the core_path parameter. | |||||
| CVE-2017-7321 | 1 Modx | 1 Modx Revolution | 2020-01-10 | 7.5 HIGH | 9.8 CRITICAL |
| setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the config_key parameter to the setup/index.php?action=welcome URI. | |||||
| CVE-2015-5951 | 1 Thomsonreuters | 1 Fatca | 2020-01-10 | 9.0 HIGH | 9.9 CRITICAL |
| A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands. | |||||
| CVE-2014-1598 | 1 Centurystar Project | 1 Centurystar | 2020-01-10 | 10.0 HIGH | 9.8 CRITICAL |
| centurystar 7.12 ActiveX Control has a Stack Buffer Overflow | |||||
| CVE-2019-19628 | 1 Gitlab | 1 Gitlab | 2020-01-10 | 7.5 HIGH | 9.8 CRITICAL |
| In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. | |||||
| CVE-2014-1409 | 1 Mobileiron | 2 Sentry, Virtual Smartphone Platform | 2020-01-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 have an authentication bypass vulnerability due to an XML file with obfuscated passwords | |||||
| CVE-2013-4976 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2020-01-10 | 7.5 HIGH | 9.8 CRITICAL |
| Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | |||||
| CVE-2019-13445 | 1 Ros | 1 Ros-comm | 2020-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. parseOptions() in tools/rosbag/src/record.cpp has an integer overflow when a crafted split option can be entered on the command line. | |||||
| CVE-2019-7478 | 1 Sonicwall | 1 Global Management System | 2020-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1. | |||||
| CVE-2013-5122 | 1 Cisco | 8 Linksys E4200, Linksys E4200 Firmware, Linksys Ea2700 and 5 more | 2020-01-09 | 10.0 HIGH | 9.8 CRITICAL |
| Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access | |||||
| CVE-2013-7070 | 1 Fibranet | 1 Monitorix | 2020-01-09 | 10.0 HIGH | 9.8 CRITICAL |
| The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI. | |||||
| CVE-2019-15911 | 1 Asus | 14 As-101, As-101 Firmware, Dl-101 and 11 more | 2020-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages. | |||||
| CVE-2020-5514 | 1 Gilacms | 1 Gila Cms | 2020-01-09 | 9.0 HIGH | 9.1 CRITICAL |
| Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI. | |||||
| CVE-2013-3085 | 1 Belkin | 2 F5d8236-4, F5d8236-4 Firmware | 2020-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. | |||||
| CVE-2019-19735 | 1 Mfscripts | 1 Yetishare | 2020-01-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing. | |||||
| CVE-2013-3941 | 1 Xnview | 1 Xnview | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow. | |||||
| CVE-2019-18956 | 1 Divisait | 4 Dv2eemvc, Proxia Phr, Proxia Suite and 1 more | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| Divisa Proxia Suite 9 < 9.12.16, 9.11.19, 9.10.26, 9.9.8, 9.8.43 and 9.7.10, 10.0 < 10.0.32, and 10.1 < 10.1.5, SparkSpace 1.0 < 1.0.30, 1.1 < 1.1.2, and 1.2 < 1.2.4, and Proxia PHR 1.0 < 1.0.30 and 1.1 < 1.1.2 allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a seria1.0lized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a serialized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. Affected products include Proxia Premium Edition 2017 and Sparkspace. | |||||
| CVE-2019-2204 | 1 Google | 1 Android | 2020-01-08 | 10.0 HIGH | 9.8 CRITICAL |
| In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-138442295 | |||||
| CVE-2019-19781 | 1 Citrix | 6 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 3 more | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. | |||||
| CVE-2007-0158 | 1 Acme | 1 Thttpd | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| thttpd 2007 has buffer underflow. | |||||
| CVE-2019-16327 | 1 Dlink | 2 Dir-601, Dir-601 Firmware | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypass. They do not check for authentication at the server side and rely on client-side validation, which is bypassable. NOTE: this is an end-of-life product. | |||||
| CVE-2019-13566 | 1 Ros | 1 Ros-comm | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer overflow allows attackers to cause a denial of service and possibly execute arbitrary code via an IP address with a long hostname. | |||||
| CVE-2014-8673 | 1 Soplanning | 1 Soplanning | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL vulnerabilities exist in planning.php, user_list.php, projets.php, user_groupes.php, and groupe_list.php in Simple Online Planning (SOPPlanning)before 1.33. | |||||
| CVE-2019-10672 | 1 Symonics | 1 Libmysofa | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions. | |||||
| CVE-2019-20041 | 1 Wordpress | 1 Wordpress | 2020-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring. | |||||
| CVE-2019-19844 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2020-01-08 | 5.0 MEDIUM | 9.8 CRITICAL |
| Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) | |||||
| CVE-2017-18514 | 1 Simplerealtytheme | 1 Simple Login Log | 2020-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | |||||
| CVE-2019-20049 | 1 Al-enterprise | 1 Omnivista 4760 | 2020-01-07 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages(). | |||||
| CVE-2017-18381 | 2 Edx, Mongodb | 2 Edx-platform, Mongodb | 2020-01-07 | 6.5 MEDIUM | 9.1 CRITICAL |
| The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials. | |||||
| CVE-2013-4743 | 1 Static Http Server Project | 1 Static Http Server | 2020-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| Static HTTP Server 1.0 has a Local Overflow | |||||
| CVE-2019-14897 | 1 Linux | 1 Linux Kernel | 2020-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA. | |||||
| CVE-2019-19088 | 1 Gitlab | 1 Gitlab | 2020-01-06 | 7.5 HIGH | 9.8 CRITICAL |
| Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. | |||||
| CVE-2013-4621 | 1 Magdevgroup | 1 Magnolia Cms | 2020-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities | |||||
| CVE-2019-5390 | 1 Hp | 1 Intelligent Management Center | 2020-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-19977 | 1 Libesmtp Project | 1 Libesmtp | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read. | |||||
| CVE-2019-10774 | 1 Php-shellcommand Project | 1 Php-shellcommand | 2020-01-03 | 10.0 HIGH | 9.8 CRITICAL |
| php-shellcommand versions before 1.6.1 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-12568 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567. | |||||
| CVE-2018-10389 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | |||||
| CVE-2018-10388 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | |||||
| CVE-2019-16535 | 1 Yandex | 1 Clickhouse | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol. | |||||
| CVE-2019-19747 | 1 Neuvector | 1 Neuvector | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| NeuVector 3.1 when configured to allow authentication via Active Directory, does not enforce non-empty passwords which allows an attacker with access to the Neuvector portal to authenticate as any valid LDAP user by providing a valid username and an empty password (provided that the active directory server has not been configured to reject empty passwords). | |||||
| CVE-2019-12567 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568. | |||||
| CVE-2018-10387 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161. | |||||
| CVE-2019-15913 | 1 Mi | 10 Dgnwg03lm, Dgnwg03lm Firmware, Mccgq01lm and 7 more | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Because of insecure key transport in ZigBee communication, causing attackers to gain sensitive information and denial of service attack, take over smart home devices, and tamper with messages. | |||||
| CVE-2019-14896 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2020-01-03 | 10.0 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP. | |||||
| CVE-2019-10758 | 1 Mongo-express Project | 1 Mongo-express | 2020-01-02 | 9.0 HIGH | 9.9 CRITICAL |
| mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment. | |||||
| CVE-2019-17527 | 1 Joomsky | 1 Js Jobs | 2020-01-02 | 7.5 HIGH | 9.8 CRITICAL |
| dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. | |||||