Total
23717 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-15537 | 1 Cesnet | 1 Proxystatistics | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php. | |||||
CVE-2019-14201 | 1 Denx | 1 U-boot | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. | |||||
CVE-2019-14697 | 1 Musl-libc | 1 Musl | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code. | |||||
CVE-2019-1581 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4. | |||||
CVE-2019-3705 | 1 Dell | 4 Idrac6 Firmware, Idrac7 Firmware, Idrac8 Firmware and 1 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the webserver or execute arbitrary code on the system with privileges of the webserver by sending specially crafted input data to the affected system. | |||||
CVE-2018-14670 | 1 Yandex | 1 Clickhouse | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database. | |||||
CVE-2019-7068 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2019-13952 | 1 Gdnsd | 1 Gdnsd | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data. | |||||
CVE-2019-13614 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | |||||
CVE-2017-7342 | 1 Fortinet | 1 Fortiportal | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via a hidden Close button | |||||
CVE-2019-11402 | 1 Gradle | 1 Enterprise | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format. | |||||
CVE-2019-13207 | 1 Nlnetlabs | 1 Name Server Daemon | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c. | |||||
CVE-2019-13486 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c. | |||||
CVE-2019-7101 | 2 Adobe, Microsoft | 2 Shockwave Player, Windows | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2019-13983 | 1 Rangerstudio | 1 Directus 7 Api | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a CAPTCHA in core/Directus/Services/AuthService.php and endpoints/Auth.php. | |||||
CVE-2019-10892 | 1 Dlink | 2 Dir-806, Dir-806 Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnap_main at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it finally leads to a stack-based buffer overflow via a special HTTP header. | |||||
CVE-2018-13898 | 1 Qualcomm | 80 Mdm9150, Mdm9150 Firmware, Mdm9206 and 77 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130 | |||||
CVE-2019-16143 | 1 Blake2 | 1 Blake2-rust | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes. | |||||
CVE-2018-13924 | 1 Qualcomm | 112 Ipq8074, Ipq8074 Firmware, Mdm9150 and 109 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA6174A, QCA8081, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 | |||||
CVE-2019-15785 | 1 Fontforge | 1 Fontforge | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c. |