Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5187 | 1 Accusoft | 1 Imagegear | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted TIFF file file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-7246 | 1 Qdpm | 1 Qdpm | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884. | |||||
| CVE-2019-5145 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2019-5131 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2019-5143 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2019-5142 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 9.0 HIGH | 7.2 HIGH |
| An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various authenticated requests to trigger this vulnerability. | |||||
| CVE-2019-5141 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iw_serverip parameter can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2019-5140 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2019-5139 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 3.6 LOW | 7.1 HIGH |
| An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. | |||||
| CVE-2019-5148 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability. | |||||
| CVE-2019-5153 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2019-5162 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 9.0 HIGH | 8.8 HIGH |
| An exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2021-21480 | 1 Sap | 1 Manufacturing Integration And Intelligence | 2022-06-13 | 9.0 HIGH | 8.8 HIGH |
| SAP MII allows users to create dashboards and save them as JSP through the SSCE (Self Service Composition Environment). An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAP_XMII Developer role, malicious content in the dashboard gets executed, leading to remote code execution in the server, which allows privilege escalation. The malicious JSP code can contain certain OS commands, through which an attacker can read sensitive files in the server, modify files or even delete contents in the server thus compromising the confidentiality, integrity and availability of the server hosting the SAP MII application. Also, an attacker authenticated as a developer can use the application to upload and execute a file which will permit them to execute operating systems commands completely compromising the server hosting the application. | |||||
| CVE-2019-5165 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 6.5 MEDIUM | 7.2 HIGH |
| An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability. | |||||
| CVE-2017-2920 | 1 Pl32 | 1 Photoline | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SVG file to trigger this vulnerability. | |||||
| CVE-2017-2827 | 1 Foscam | 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during account creation resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability. | |||||
| CVE-2017-2916 | 1 Meetcircle | 2 Circle With Disney, Circle With Disney Firmware | 2022-06-13 | 9.0 HIGH | 8.8 HIGH |
| An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an arbitrary file to be overwritten. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2017-2915 | 1 Meetcircle | 2 Circle With Disney, Circle With Disney Firmware | 2022-06-13 | 7.7 HIGH | 8.0 HIGH |
| An exploitable vulnerability exists in the WiFi configuration functionality of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary shell commands. An attacker needs to send a couple of HTTP requests and setup an access point reachable by the device to trigger this vulnerability. | |||||
| CVE-2017-2914 | 1 Meetcircle | 2 Circle With Disney, Circle With Disney Firmware | 2022-06-13 | 6.8 MEDIUM | 8.1 HIGH |
| An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token can bypass the authentication routine of the Apid binary, causing the device to grant unintended administrative access. An attacker needs network connectivity to the device to trigger this vulnerability. | |||||
| CVE-2017-2909 | 1 Cesanta | 1 Mongoose | 2022-06-13 | 7.8 HIGH | 7.5 HIGH |
| An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause an infinite loop resulting in high CPU usage and Denial Of Service. An attacker can send a packet over the network to trigger this vulnerability. | |||||
| CVE-2017-2898 | 1 Meetcircle | 2 Circle With Disney, Circle With Disney Firmware | 2022-06-13 | 8.5 HIGH | 7.5 HIGH |
| An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be installed in the device resulting in arbitrary code execution. An attacker can send a series of packets to trigger this vulnerability. | |||||
| CVE-2017-2897 | 1 Libxls Project | 1 Libxls | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2017-2917 | 1 Meetcircle | 2 Circle With Disney, Circle With Disney Firmware | 2022-06-13 | 9.0 HIGH | 8.8 HIGH |
| An exploitable vulnerability exists in the notifications functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2017-2823 | 1 Poweriso | 1 Poweriso | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability. | |||||
| CVE-2021-46789 | 1 Huawei | 1 Emui | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability. | |||||
| CVE-2017-17740 | 4 Mcafee, Openldap, Opensuse and 1 more | 4 Policy Auditor, Openldap, Leap and 1 more | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | |||||
| CVE-2017-2906 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. | |||||
| CVE-2017-2905 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2904 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2903 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2902 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2901 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2900 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2899 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. | |||||
| CVE-2017-2908 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to render the thumbnail for the file while in the File->Open dialog. | |||||
| CVE-2017-2907 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset in order to trigger this vulnerability. | |||||
| CVE-2017-2924 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2017-2923 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2017-2918 | 2 Blender, Debian | 2 Blender, Debian Linux | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to open the file or use it as a library in order to trigger this vulnerability. | |||||
| CVE-2017-2919 | 2 Debian, Libxls Project | 2 Debian Linux, Libxls | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability | |||||
| CVE-2018-1999001 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2022-06-13 | 4.3 MEDIUM | 8.8 HIGH |
| A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users. | |||||
| CVE-2018-1000194 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2022-06-13 | 5.5 MEDIUM | 8.1 HIGH |
| A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection. | |||||
| CVE-2018-1999002 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to. | |||||
| CVE-2019-1003005 | 1 Jenkins | 1 Script Security | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. | |||||
| CVE-2018-20546 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-06-13 | 5.8 MEDIUM | 8.1 HIGH |
| There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. | |||||
| CVE-2018-20545 | 4 Canonical, Fedoraproject, Libcaca Project and 1 more | 4 Ubuntu Linux, Fedora, Libcaca and 1 more | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. | |||||
| CVE-2022-30744 | 1 Samsung | 1 Kies | 2022-06-13 | 4.4 MEDIUM | 7.8 HIGH |
| DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. | |||||
| CVE-2022-21757 | 2 Google, Mediatek | 24 Android, Mt6833, Mt6853 and 21 more | 2022-06-13 | 7.8 HIGH | 7.5 HIGH |
| In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468894; Issue ID: ALPS06468894. | |||||
| CVE-2019-5015 | 1 Pixar | 1 Renderman | 2022-06-13 | 7.2 HIGH | 7.8 HIGH |
| A local privilege escalation vulnerability exists in the Mac OS X version of Pixar Renderman 22.3.0's Install Helper helper tool. A user with local access can use this vulnerability to escalate their privileges to root. An attacker would need local access to the machine for a successful exploit. | |||||
| CVE-2022-21745 | 2 Google, Mediatek | 44 Android, Mt6761, Mt6762 and 41 more | 2022-06-13 | 8.3 HIGH | 8.8 HIGH |
| In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872. | |||||