| Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 149138 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| N/A | 2019-07-18 | CVE-2019-3570 | cve | Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). This happens if the parameters are configurable by a... |
| 7.5 | 2019-07-18 | CVE-2019-13952 | cve | The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data. |
| 7.5 | 2019-07-18 | CVE-2019-13951 | cve | The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data. |
| 3.5 | 2019-07-18 | CVE-2019-13950 | cve | index.php?c=admin&a=index in SyGuestBook A5 Version 1.2 has stored XSS via a reply to a comment. |
| 6.8 | 2019-07-18 | CVE-2019-13949 | cve | SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, as demonstrated by CSRF for an index.php?c=Administrator&a=update admin password change. |
| 3.5 | 2019-07-18 | CVE-2019-13948 | cve | SyGuestBook A5 Version 1.2 allows stored XSS because the isValidData function in include/functions.php does not properly block XSS payloads, as demonstrated by a crafted use of ... |
| N/A | 2019-07-18 | CVE-2019-13915 | cve | b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three tim... |
| N/A | 2019-07-18 | CVE-2019-13607 | cve | The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL. |
| 7.5 | 2019-07-18 | CVE-2019-13575 | cve | A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Successful exploitation of this vulnerability would allow a remote attacker t... |
| N/A | 2019-07-18 | CVE-2019-13509 | cve | In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug ... |
| N/A | 2019-07-18 | CVE-2019-11230 | cve | In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the... |
| N/A | 2019-07-18 | CVE-2019-1010268 | cve | Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching i... |
| N/A | 2019-07-18 | CVE-2019-1010262 | cve | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-1010142. Reason: This candidate is a reservation duplicate of CVE-2019-1010142. Notes: All CVE users should r... |
| 4.3 | 2019-07-18 | CVE-2019-1010261 | cve | Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attacker is able to have victim execute arbitrary JS in browser. The component is: go-get URL ... |
| 7.5 | 2019-07-18 | CVE-2019-1010259 | cve | SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. Th... |
| N/A | 2019-07-18 | CVE-2019-1010104 | cve | TechyTalk Quick Chat WordPress Plugin All up to the latest is affected by: SQL Injection. The impact is: Access to the database. The component is: like_escape is used in Quick-c... |
| N/A | 2019-07-18 | CVE-2019-1010073 | cve | BACnet Stack bacserv 0.9.1 and 0.8.5 is affected by: Buffer Overflow. The impact is: exploit was not explored. The component is: bacserv BVLC forwarded NPDU. bvlc_bdt_forward_np... |
| 4.3 | 2019-07-18 | CVE-2019-1010069 | cve | moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front... |
| N/A | 2019-07-18 | CVE-2019-1010066 | cve | Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. The impact is: An attacker could modify model specific registers. The component ... |
| N/A | 2019-07-18 | CVE-2019-1010065 | cve | The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow ... |
| Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 149138 |
