Total
23759 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-10922 | 1 Siemens | 2 Simatic Pcs 7, Simatic Wincc | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
CVE-2018-11936 | 1 Qualcomm | 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820, SD 820A, SD 835, SDX20, SDX24, Snapdragon_High_Med_2016 | |||||
CVE-2018-20998 | 1 Arrayfire | 1 Arrayfire | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr() attribute to an enum is mishandled, leading to memory corruption. | |||||
CVE-2018-20871 | 1 Univa | 1 Grid Engine | 2023-12-10 | 6.8 MEDIUM | 9.8 CRITICAL |
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890). | |||||
CVE-2018-20180 | 2 Debian, Rdesktop | 2 Debian Linux, Rdesktop | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution. | |||||
CVE-2019-7806 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2018-16530 | 1 Forcepoint | 1 Email Security | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation. | |||||
CVE-2019-16303 | 1 Jhipster | 2 Jhipster, Jhipster Kotlin | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A class generated by the Generator in JHipster before 6.3.0 and JHipster Kotlin through 1.1.0 produces code that uses an insecure source of randomness (apache.commons.lang3 RandomStringUtils). This allows an attacker (if able to obtain their own password reset URL) to compute the value for all other password resets for other accounts, thus allowing privilege escalation or account takeover. | |||||
CVE-2019-5387 | 1 Hp | 1 Intelligent Management Center | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
CVE-2019-5019 | 1 Rainbowpdf | 1 Office Server Document Converter | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution. | |||||
CVE-2019-0040 | 1 Juniper | 1 Junos | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface (e.g. fxp0) thus disclosing internal addressing and existence of the management interface itself. A high rate of crafted packets destined to port 111 may also lead to a partial Denial of Service (DoS). Note: Systems with fxp0 disabled or unconfigured are not vulnerable to this issue. This issue only affects Junos OS releases based on FreeBSD 10 or higher (typically Junos OS 15.1+). Administrators can confirm whether systems are running a version of Junos OS based on FreeBSD 10 or higher by typing: user@junos> show version | match kernel JUNOS OS Kernel 64-bit [20181214.223829_fbsd-builder_stable_10] Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X53 versions prior to 15.1X53-D236; 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8; 17.3 versions prior to 17.3R2; 17.4 versions prior to 17.4R1-S1, 17.4R1-S7, 17.4R2. This issue does not affect Junos OS releases prior to 15.1. | |||||
CVE-2015-9290 | 1 Freetype | 1 Freetype | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. | |||||
CVE-2019-9160 | 1 Xinruidz | 2 Sundray Wan Controller, Sundray Wan Controller Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string). | |||||
CVE-2018-21003 | 1 Themekraft | 1 Buddyforms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The buddyforms plugin before 2.2.8 for WordPress has SQL injection. | |||||
CVE-2019-9932 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Various Lexmark products have a Buffer Overflow (issue 2 of 3). | |||||
CVE-2019-2322 | 1 Qualcomm | 88 Mdm9150, Mdm9150 Firmware, Mdm9206 and 85 more | 2023-12-10 | 9.3 HIGH | 9.8 CRITICAL |
Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016 | |||||
CVE-2019-16092 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. | |||||
CVE-2019-10173 | 2 Oracle, Xstream Project | 10 Banking Platform, Business Activity Monitoring, Communications Billing And Revenue Management Elastic Charging Engine and 7 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON. (regression of CVE-2013-7285) | |||||
CVE-2019-8047 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2019-12260 | 6 Belden, Netapp, Oracle and 3 more | 51 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 48 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. |