Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11414 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2019-04-22 | 4.3 MEDIUM | 8.8 HIGH |
| An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router. | |||||
| CVE-2019-11377 | 1 Wcms | 1 Wcms | 2019-04-22 | 6.5 MEDIUM | 8.8 HIGH |
| wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function. | |||||
| CVE-2019-11376 | 1 Brassica | 1 Soy Cms | 2019-04-22 | 6.5 MEDIUM | 7.2 HIGH |
| ** DISPUTED ** SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own." | |||||
| CVE-2019-11452 | 1 Whatsns | 1 Whatsns | 2019-04-22 | 6.5 MEDIUM | 7.2 HIGH |
| whatsns 4.0 allows index.php?admin_category/remove.html cid[] SQL injection. | |||||
| CVE-2019-11451 | 1 Whatsns | 1 Whatsns | 2019-04-22 | 6.5 MEDIUM | 7.2 HIGH |
| whatsns 4.0 allows index.php?inform/add.html qid SQL injection. | |||||
| CVE-2014-8119 | 3 Fedoraproject, Netcf Project, Redhat | 3 Fedora, Netcf, Enterprise Linux | 2019-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions. | |||||
| CVE-2016-5244 | 4 Fedoraproject, Linux, Redhat and 1 more | 11 Fedora, Linux Kernel, Enterprise Linux and 8 more | 2019-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message. | |||||
| CVE-2016-5766 | 6 Debian, Fedoraproject, Freebsd and 3 more | 7 Debian Linux, Fedora, Freebsd and 4 more | 2019-04-22 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image. | |||||
| CVE-2015-4644 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2019-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352. | |||||
| CVE-2015-4605 | 2 Php, Redhat | 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2019-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule. | |||||
| CVE-2015-4604 | 2 Php, Redhat | 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2019-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule. | |||||
| CVE-2015-1795 | 1 Redhat | 2 Enterprise Linux, Gluster Storage | 2019-04-22 | 7.2 HIGH | 7.8 HIGH |
| Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root. | |||||
| CVE-2016-8657 | 1 Redhat | 2 Enterprise Linux, Jboss Enterprise Application Platform | 2019-04-22 | 7.2 HIGH | 7.8 HIGH |
| It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root:jboss, 664). On systems using classic /etc/init.d init scripts (i.e. on Red Hat Enterprise Linux 6 and earlier), the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted. | |||||
| CVE-2014-0143 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2019-04-22 | 4.4 MEDIUM | 7.0 HIGH |
| Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes. | |||||
| CVE-2016-2150 | 5 Debian, Microsoft, Opensuse and 2 more | 12 Debian Linux, Windows, Leap and 9 more | 2019-04-22 | 3.6 LOW | 7.1 HIGH |
| SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. | |||||
| CVE-2016-3072 | 2 Katello, Redhat | 3 Katello, Enterprise Linux, Satellite | 2019-04-22 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter. | |||||
| CVE-2015-4035 | 2 Redhat, Tukaani | 2 Enterprise Linux, Xz | 2019-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name. | |||||
| CVE-2016-4459 | 1 Redhat | 2 Enterprise Linux, Mod Cluster | 2019-04-22 | 7.8 HIGH | 7.5 HIGH |
| Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9. | |||||
| CVE-2019-2027 | 1 Google | 1 Android | 2019-04-22 | 9.3 HIGH | 8.8 HIGH |
| In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-119120561. | |||||
| CVE-2019-2028 | 1 Google | 1 Android | 2019-04-22 | 9.3 HIGH | 8.8 HIGH |
| In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-120644655. | |||||
| CVE-2019-2031 | 1 Google | 1 Android | 2019-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-120502559. | |||||
| CVE-2019-2033 | 1 Google | 1 Android | 2019-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| In create_hdr of dnssd_clientstub.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-121327565. | |||||
| CVE-2019-2032 | 1 Google | 1 Android | 2019-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-121145627. | |||||
| CVE-2018-5360 | 2 Graphicsmagick, Libtiff | 2 Graphicsmagick, Libtiff | 2019-04-22 | 6.8 MEDIUM | 8.8 HIGH |
| LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. | |||||
| CVE-2019-2035 | 1 Google | 1 Android | 2019-04-22 | 6.8 MEDIUM | 7.8 HIGH |
| In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-122320256 | |||||
| CVE-2019-2037 | 1 Google | 1 Android | 2019-04-22 | 5.0 MEDIUM | 7.5 HIGH |
| In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out-of-bound read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-119870451. | |||||
| CVE-2018-19969 | 1 Phpmyadmin | 1 Phpmyadmin | 2019-04-22 | 6.8 MEDIUM | 8.8 HIGH |
| phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc. | |||||
| CVE-2019-8999 | 1 Blackberry | 1 Unified Endpoint Management | 2019-04-19 | 5.0 MEDIUM | 7.5 HIGH |
| An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account. | |||||
| CVE-2019-5668 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2019-0121 | 1 Intel | 1 Matrix Storage Manager | 2019-04-18 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-5667 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges. | |||||
| CVE-2019-0163 | 1 Intel | 2 I5-5350u, I5-5350u Firmware | 2019-04-18 | 4.6 MEDIUM | 8.2 HIGH |
| Insufficient input validation in system firmware for Intel(R) Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. | |||||
| CVE-2017-9833 | 1 Boa | 1 Boa | 2019-04-18 | 7.8 HIGH | 7.5 HIGH |
| /cgi-bin/wapopen in BOA Webserver 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. | |||||
| CVE-2017-9618 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9619 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (Segmentation Violation and application crash) via a crafted file. | |||||
| CVE-2019-5769 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2019-04-18 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5770 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2019-04-18 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2018-16558 | 1 Siemens | 2 Simatic S7-1500, Simatic S7-1500 Firmware | 2019-04-18 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2019-5757 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2019-04-18 | 6.8 MEDIUM | 8.8 HIGH |
| An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | |||||
| CVE-2019-5762 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2019-04-18 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | |||||
| CVE-2018-16559 | 1 Siemens | 2 Simatic S7-1500, Simatic S7-1500 Firmware | 2019-04-18 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2019-10642 | 1 Contao | 1 Contao Cms | 2019-04-18 | 6.8 MEDIUM | 8.8 HIGH |
| Contao 4.7 allows CSRF. | |||||
| CVE-2018-11851 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack. | |||||
| CVE-2018-11889 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free. | |||||
| CVE-2018-11891 | 1 Google | 1 Android | 2019-04-18 | 8.3 HIGH | 8.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function. | |||||
| CVE-2018-11869 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler. | |||||
| CVE-2018-11868 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler. | |||||
| CVE-2018-11860 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a potential buffer over flow could occur while processing the ndp event due to lack of check on the message length. | |||||
| CVE-2018-11878 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possibility of invalid memory access while processing driver command in WLAN function. | |||||
| CVE-2018-11897 | 1 Google | 1 Android | 2019-04-18 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing diag event after associating to a network out of bounds read occurs if ssid of the network joined is greater than max limit. | |||||