Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-7913 | 1 Linux | 1 Linux Kernel | 2019-05-14 | 9.3 HIGH | 7.8 HIGH |
| The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. | |||||
| CVE-2017-11600 | 1 Linux | 1 Linux Kernel | 2019-05-14 | 6.9 MEDIUM | 7.0 HIGH |
| net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message. | |||||
| CVE-2017-1000407 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2019-05-14 | 6.1 MEDIUM | 7.4 HIGH |
| The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. | |||||
| CVE-2019-3863 | 5 Debian, Libssh2, Netapp and 2 more | 10 Debian Linux, Libssh2, Ontap Select Deploy Administration Utility and 7 more | 2019-05-14 | 6.8 MEDIUM | 8.8 HIGH |
| A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. | |||||
| CVE-2019-5008 | 1 Qemu | 1 Qemu | 2019-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. | |||||
| CVE-2018-7765 | 1 Schneider-electric | 1 U.motion Builder | 2019-05-14 | 6.8 MEDIUM | 8.8 HIGH |
| The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter. | |||||
| CVE-2018-16556 | 1 Siemens | 10 Simatic S7-400, Simatic S7-400 Firmware, Simatic S7-400 Pn\/dp V7 and 7 more | 2019-05-14 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-400H V4.5 and below (All versions), SIMATIC S7-400H V6 (All versions < V6.0.9), SIMATIC S7-410 (All versions < V8.2.1). Specially crafted packets sent to port 102/tcp via Ethernet interface, via PROFIBUS, or via Multi Point Interfaces (MPI) could cause the affected devices to go into defect mode. Manual reboot is required to resume normal operation. Successful exploitation requires an attacker to be able to send specially crafted packets to port 102/tcp via Ethernet interface, via PROFIBUS or Multi Point Interfaces (MPI). No user interaction and no user privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the core functionality of the CPU, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2018-19037 | 1 Virginmedia | 2 Hub 3.0, Hub 3.0 Firmware | 2019-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable to anyone currently using the web interface. | |||||
| CVE-2016-6346 | 1 Redhat | 1 Resteasy | 2019-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2018-14713 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2019-05-14 | 5.5 MEDIUM | 8.1 HIGH |
| Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter. | |||||
| CVE-2019-5495 | 1 Netapp | 1 Oncommand Unified Manager | 2019-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | |||||
| CVE-2019-9726 | 1 Eq-3 | 2 Ccu3, Ccu3 Firmware | 2019-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. | |||||
| CVE-2018-4456 | 1 Apple | 1 Mac Os X | 2019-05-14 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14. | |||||
| CVE-2018-20580 | 1 Smartbear | 1 Readyapi | 2019-05-14 | 9.3 HIGH | 8.8 HIGH |
| The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file. | |||||
| CVE-2017-14315 | 1 Apple | 1 Iphone Os | 2019-05-14 | 7.9 HIGH | 7.5 HIGH |
| In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" value must be present in Settings. | |||||
| CVE-2019-11600 | 1 Openproject | 1 Openproject | 2019-05-14 | 6.8 MEDIUM | 8.1 HIGH |
| A SQL injection vulnerability in the activities API in OpenProject before 8.3.2 allows a remote attacker to execute arbitrary SQL commands via the id parameter. The attack can be performed unauthenticated if OpenProject is configured not to require authentication for API access. | |||||
| CVE-2019-10650 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2019-05-14 | 5.8 MEDIUM | 8.1 HIGH |
| In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. | |||||
| CVE-2018-3990 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2019-05-14 | 7.2 HIGH | 7.8 HIGH |
| An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability. | |||||
| CVE-2018-8007 | 1 Apache | 1 Couchdb | 2019-05-13 | 9.0 HIGH | 7.2 HIGH |
| Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user that CouchDB runs under, by bypassing the blacklist of configuration settings that are not allowed to be modified via the HTTP API. This privilege escalation effectively allows an existing CouchDB admin user to gain arbitrary remote code execution, bypassing already disclosed CVE-2017-12636. Mitigation: All users should upgrade to CouchDB releases 1.7.2 or 2.1.2. | |||||
| CVE-2017-12636 | 1 Apache | 1 Couchdb | 2019-05-13 | 9.0 HIGH | 7.2 HIGH |
| CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet. | |||||
| CVE-2019-12041 | 1 Remarkable Project | 1 Remarkable | 2019-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section. | |||||
| CVE-2017-18122 | 2 Debian, Simplesamlphp | 2 Debian Linux, Simplesamlphp | 2019-05-13 | 6.8 MEDIUM | 8.1 HIGH |
| A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the assertions is valid. Attributes contained in all the assertions received will be merged and the entityID of the first assertion received will be used, allowing an attacker to impersonate any user of any IdP given an assertion signed by the targeted IdP. | |||||
| CVE-2019-11832 | 1 Typo3 | 1 Typo3 | 2019-05-13 | 9.3 HIGH | 7.5 HIGH |
| TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick. | |||||
| CVE-2019-7360 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2019-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution. | |||||
| CVE-2018-12301 | 1 Seagate | 1 Nas Os | 2019-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost. | |||||
| CVE-2018-12298 | 1 Seagate | 1 Nas Os | 2019-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path. | |||||
| CVE-2017-0900 | 3 Debian, Redhat, Rubygems | 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2019-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a `query` command. | |||||
| CVE-2018-4360 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||||
| CVE-2018-20782 | 1 Globee | 1 Woocommerce | 2019-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. | |||||
| CVE-2019-7652 | 1 Thehive-project | 1 Cortex-analyzers | 2019-05-13 | 4.0 MEDIUM | 7.7 HIGH |
| TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like "http://127.0.0.1:22" in the Data parameter. The result can be seen in the main dashboard. Thus, it is possible to do port scans on localhost and intranet hosts. | |||||
| CVE-2017-12789 | 1 Metinfo | 1 Metinfo | 2019-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state. | |||||
| CVE-2018-19865 | 2 Opensuse, Qt | 2 Leap, Qt | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. | |||||
| CVE-2017-11793 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2019-05-10 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | |||||
| CVE-2017-8682 | 1 Microsoft | 10 Office 2007, Office 2010, Office Word Viewer and 7 more | 2019-05-10 | 9.3 HIGH | 8.8 HIGH |
| Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server 2016, Microsoft Office Word Viewer, Microsoft Office 2007 Service Pack 3 , and Microsoft Office 2010 Service Pack 2 allows an attacker to execute remote code by the way it handles embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8683. | |||||
| CVE-2017-11764 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2019-05-10 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8649, CVE-2017-8660, CVE-2017-8729, CVE-2017-8738, CVE-2017-8740, CVE-2017-8741, CVE-2017-8748, CVE-2017-8752, CVE-2017-8753, CVE-2017-8755, and CVE-2017-8756. | |||||
| CVE-2017-8751 | 1 Microsoft | 2 Edge, Windows 10 | 2019-05-10 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8731, CVE-2017-8734, and CVE-2017-11766. | |||||
| CVE-2017-12884 | 1 Open-xchange | 1 Open-xchange Appsuite | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure. | |||||
| CVE-2017-12869 | 2 Debian, Simplesamlphp | 2 Debian Linux, Simplesamlphp | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows remote attackers to bypass authentication context restrictions and use an authentication source defined in config/authsources.php via vectors related to improper validation of user input. | |||||
| CVE-2017-11810 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2019-05-10 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821. | |||||
| CVE-2019-11082 | 1 Dkpro-core Project | 1 Dkpro-core | 2019-05-10 | 6.4 MEDIUM | 7.5 HIGH |
| core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive. | |||||
| CVE-2017-12760 | 1 Ynetinteractive | 1 Mobiketa | 2019-05-10 | 6.5 MEDIUM | 8.8 HIGH |
| Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL Injection. The impact is: Code execution (remote). | |||||
| CVE-2018-5408 | 1 Printerlogic | 1 Print Management | 2019-05-10 | 5.8 MEDIUM | 7.4 HIGH |
| The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. The software might connect to a malicious host while believing it is a trusted host, or the software might be deceived into accepting spoofed data that appears to originate from a trusted host. | |||||
| CVE-2017-1274 | 1 Ibm | 1 Domino | 2019-05-10 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749. | |||||
| CVE-2017-12761 | 1 Webfile Explorer Project | 1 Webfile Explorer | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| http://codecanyon.net/user/Endober WebFile Explorer 1.0 is affected by: SQL Injection. The impact is: Arbitrary File Download (remote). The component is: $file = $_GET['id'] in download.php. The attack vector is: http://speicher.example.com/envato/codecanyon/demo/web-file-explorer/download.php?id=WebExplorer/../config.php. | |||||
| CVE-2016-3110 | 2 Fedoraproject, Redhat | 4 Fedora, Enterprise Linux, Jboss Enterprise Application Platform and 1 more | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element. | |||||
| CVE-2017-1000115 | 3 Debian, Mercurial, Redhat | 8 Debian Linux, Mercurial, Enterprise Linux Desktop and 5 more | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository | |||||
| CVE-2018-1608 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 143798. | |||||
| CVE-2017-12839 | 1 Mpg123 | 1 Mpg123 | 2019-05-10 | 6.8 MEDIUM | 8.3 HIGH |
| A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 through 1.25.5 allows remote attackers to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file. | |||||
| CVE-2017-2304 | 1 Juniper | 7 Ex4300, Ex4600, Junos and 4 more | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak' | |||||
| CVE-2016-1600 | 1 Microfocus | 1 Identity Manager | 2019-05-10 | 5.0 MEDIUM | 7.5 HIGH |
| The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability. | |||||