Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5882 | 2 Canonical, Irssi | 2 Ubuntu Linux, Irssi | 2019-02-26 | 7.5 HIGH | 9.8 CRITICAL |
| Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | |||||
| CVE-2019-9081 | 1 Laravel | 1 Framework | 2019-02-26 | 7.5 HIGH | 9.8 CRITICAL |
| The Illuminate component of Laravel Framework 5.7.x has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the PendingCommand class in PendingCommand.php. | |||||
| CVE-2018-19601 | 1 Rhymix | 1 Rhymix | 2019-02-25 | 6.5 MEDIUM | 9.1 CRITICAL |
| Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | |||||
| CVE-2019-9028 | 1 Matio Project | 1 Matio | 2019-02-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions() in inflate.c when called from ReadNextCell in mat5.c. | |||||
| CVE-2019-9047 | 1 Fizzday | 1 Gorose | 2019-02-25 | 7.5 HIGH | 9.8 CRITICAL |
| GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled. | |||||
| CVE-2019-9015 | 1 Mopcms | 1 Mopcms | 2019-02-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. The exploitation point is in the "column management" function. The path added to the column is not verified. When a column is deleted by an attacker, the corresponding directory is deleted, as demonstrated by ./ to delete the entire web site. | |||||
| CVE-2018-19036 | 1 Bosch | 74 Autodome Ip 4000 Hd, Autodome Ip 4000i, Autodome Ip 5000 Hd and 71 more | 2019-02-22 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface. | |||||
| CVE-2016-1000271 | 1 Dthdevelopment | 1 Dt Register | 2019-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack appears to be exploitable if the attacker can reach the web server. | |||||
| CVE-2017-18362 | 1 Connectwise | 1 Manageditsync | 2019-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all endpoints managed by the VSA server. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run arbitrary SQL queries, both read and write, without authentication. | |||||
| CVE-2019-7684 | 1 Inxedu | 1 Inxedu | 2019-02-22 | 10.0 HIGH | 9.8 CRITICAL |
| inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the /video/uploadvideo fileType parameter to change the list of acceptable extensions from jpg,gif,png,jpeg to jpg,gif,png,jsp,jpeg. | |||||
| CVE-2018-6908 | 1 Rainmachine | 4 Mini-8, Mini-8 Firmware, Touch Hd 12 and 1 more | 2019-02-22 | 5.0 MEDIUM | 9.8 CRITICAL |
| An authentication bypass vulnerability exists in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allowing an unauthenticated attacker to perform authenticated actions on the device via a 127.0.0.1:port value in the HTTP 'Host' header, as demonstrated by retrieving credentials. | |||||
| CVE-2018-6012 | 1 Rainmachine | 2 Mini-8, Mini-8 Firmware | 2019-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 (2nd generation) allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function. | |||||
| CVE-2019-8996 | 1 Signiant | 1 Manager\+agents | 2019-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow. | |||||
| CVE-2019-8982 | 1 Wavemaker | 1 Wavemarker Studio | 2019-02-21 | 6.8 MEDIUM | 9.6 CRITICAL |
| com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF. | |||||
| CVE-2013-5654 | 1 Yingzhipython Project | 1 Yingzhipython | 2019-02-21 | 9.4 HIGH | 9.1 CRITICAL |
| Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage | |||||
| CVE-2019-8948 | 1 Papercut | 2 Papercut Mf, Papercut Ng | 2019-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163. | |||||
| CVE-2016-2002 | 1 Hp | 1 Vertica | 2019-02-20 | 10.0 HIGH | 9.8 CRITICAL |
| The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417. | |||||
| CVE-2016-1142 | 1 Seeds | 1 Acmailer | 2019-02-20 | 9.0 HIGH | 9.1 CRITICAL |
| Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2016-0916 | 1 Emc | 1 Networker | 2019-02-20 | 10.0 HIGH | 9.8 CRITICAL |
| EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance. | |||||
| CVE-2016-0705 | 5 Canonical, Debian, Google and 2 more | 5 Ubuntu Linux, Debian Linux, Android and 2 more | 2019-02-20 | 10.0 HIGH | 9.8 CRITICAL |
| Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key. | |||||
| CVE-2019-0259 | 1 Sap | 1 Businessobjects | 2019-02-20 | 7.5 HIGH | 9.8 CRITICAL |
| SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation. | |||||
| CVE-2019-8393 | 1 Hotels Server Project | 1 Hotels Server | 2019-02-20 | 7.5 HIGH | 9.8 CRITICAL |
| Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled. | |||||
| CVE-2019-8360 | 1 Themerig | 1 Find A Place Cms Directory | 2019-02-20 | 7.5 HIGH | 9.8 CRITICAL |
| Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php cate parameter. | |||||
| CVE-2016-0639 | 2 Oracle, Redhat | 2 Mysql, Enterprise Linux | 2019-02-19 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication. | |||||
| CVE-2019-7297 | 1 D-link | 2 Dir-823g, Dir-823g Firmware | 2019-02-19 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult function calls the system function with an untrusted input parameter named Address. Consequently, an attacker can execute any command remotely when they control this input. | |||||
| CVE-2019-8423 | 1 Zoneminder | 1 Zoneminder | 2019-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter. | |||||
| CVE-2019-8424 | 1 Zoneminder | 1 Zoneminder | 2019-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter. | |||||
| CVE-2019-8429 | 1 Zoneminder | 1 Zoneminder | 2019-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filter[Query][terms][0][cnj] parameter. | |||||
| CVE-2019-8428 | 1 Zoneminder | 1 Zoneminder | 2019-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value. | |||||
| CVE-2015-4615 | 1 Easy2map | 1 Easy2map-photos | 2019-02-19 | 7.5 HIGH | 9.8 CRITICAL |
| Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables | |||||
| CVE-2019-6503 | 1 Chatopera | 1 Cosin | 2019-02-15 | 7.5 HIGH | 9.8 CRITICAL |
| There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute commands during server-side deserialization by uploading maliciously constructed files. This is related to the TemplateController.java impsave method and the MainUtils toObject method. | |||||
| CVE-2018-9583 | 1 Google | 1 Android | 2019-02-14 | 10.0 HIGH | 9.8 CRITICAL |
| In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-112860487. | |||||
| CVE-2019-3576 | 1 Inxedu Project | 1 Inxedu | 2019-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO. The vulnerable code location is com.inxedu.os.edu.controller.user.UserController#deleteFavorite (aka deleteFavorite in com/inxedu/os/edu/controller/user/UserController.java), where courseFavoritesService.deleteCourseFavoritesById is mishandled during use of MyBatis. NOTE: UserController.java has a spelling variation in an annotation: a @RequestMapping("/deleteFaveorite/{ids}") line followed by a "public ModelAndView deleteFavorite" line. | |||||
| CVE-2019-3577 | 1 Bijiadao | 1 Waimai Super Cms | 2019-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id[0] parameter to the /product URI. | |||||
| CVE-2015-8876 | 1 Php | 1 Php | 2019-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data. | |||||
| CVE-2009-5154 | 1 Mobotix | 2 S14, S14 Firmware | 2019-02-13 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account. | |||||
| CVE-2019-7747 | 1 Dbninja | 1 Dbninja | 2019-02-13 | 6.8 MEDIUM | 9.6 CRITICAL |
| DbNinja 3.2.7 allows session fixation via the data.php sessid parameter. | |||||
| CVE-2019-7720 | 1 Taogogo | 1 Taocms | 2019-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. | |||||
| CVE-2018-20768 | 1 Xerox | 58 Workcentre 3655, Workcentre 3655 Firmware, Workcentre 3655i and 55 more | 2019-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file. | |||||
| CVE-2018-20770 | 1 Xerox | 58 Workcentre 3655, Workcentre 3655 Firmware, Workcentre 3655i and 55 more | 2019-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection. | |||||
| CVE-2018-20771 | 1 Xerox | 58 Workcentre 3655, Workcentre 3655 Firmware, Workcentre 3655i and 55 more | 2019-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution. | |||||
| CVE-2018-19645 | 1 Microfocus | 1 Solutions Business Manager | 2019-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2018-11788 | 1 Apache | 1 Karaf | 2019-02-12 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against XXE. This is a potential security risk as an user can inject external XML entities in Apache Karaf version prior to 4.1.7 or 4.2.2. It has been fixed in Apache Karaf 4.1.7 and 4.2.2 releases. | |||||
| CVE-2019-7678 | 1 Enphase | 1 Envoy | 2019-02-12 | 7.5 HIGH | 9.8 CRITICAL |
| A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888. | |||||
| CVE-2016-4117 | 5 Adobe, Apple, Google and 2 more | 5 Flash Player, Mac Os X, Chrome Os and 2 more | 2019-02-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016. | |||||
| CVE-2018-5204 | 1 Infraware-global | 1 Ml Report | 2019-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution. | |||||
| CVE-2019-7719 | 1 Nibbleblog | 1 Nibbleblog | 2019-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request. | |||||
| CVE-2018-20779 | 1 Traq | 1 Traq | 2019-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Traq 3.7.1 allows SQL Injection via a tickets?search= URI. | |||||
| CVE-2018-0651 | 1 Yokogawa | 8 Astplanner, Idefine For Prosafe-rs, Idefine For Prosafe-rs Firmware and 5 more | 2019-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers to stop the license management function or execute an arbitrary program via unspecified vectors. | |||||
| CVE-2018-0668 | 1 Mnc | 1 Inplc-rt | 2019-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers to cause denial-of-service (DoS) condition that may result in executing arbtrary code via unspecified vectors. | |||||