Export limit exceeded: 362446 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362446 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19220 | 1 Bmcsoftware | 1 Control-m\/agent | 2024-11-21 | 8.8 High |
| BMC Control-M/Agent 7.0.00.000 allows OS Command Injection (issue 2 of 2). | ||||
| CVE-2019-19219 | 1 Bmcsoftware | 1 Control-m\/agent | 2024-11-21 | 7.5 High |
| BMC Control-M/Agent 7.0.00.000 allows Arbitrary File Download. | ||||
| CVE-2019-19218 | 1 Bmcsoftware | 1 Control-m\/agent | 2024-11-21 | 7.5 High |
| BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage. | ||||
| CVE-2019-19217 | 1 Bmcsoftware | 1 Control-m\/agent | 2024-11-21 | 8.8 High |
| BMC Control-M/Agent 7.0.00.000 allows OS Command Injection. | ||||
| CVE-2019-19216 | 1 Bmcsoftware | 1 Control-m\/agent | 2024-11-21 | 8.8 High |
| BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy. | ||||
| CVE-2019-19215 | 1 Bmcsoftware | 1 Control-m\/agent | 2024-11-21 | 8.8 High |
| A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote attackers to have unspecified impact via vectors related to the configured IP address or SMTP server. | ||||
| CVE-2019-19212 | 1 Dolibarr | 1 Dolibarr | 2024-11-21 | 9.8 Critical |
| Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen). | ||||
| CVE-2019-19211 | 1 Dolibarr | 1 Dolibarr | 2024-11-21 | 6.1 Medium |
| Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS. | ||||
| CVE-2019-19210 | 1 Dolibarr | 1 Dolibarr | 2024-11-21 | 5.4 Medium |
| Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files. | ||||
| CVE-2019-19209 | 1 Dolibarr | 1 Dolibarr | 2024-11-21 | 7.5 High |
| Dolibarr ERP/CRM before 10.0.3 allows SQL Injection. | ||||
| CVE-2019-19208 | 1 Codiad | 1 Codiad | 2024-11-21 | 9.8 Critical |
| Codiad Web IDE through 2.8.4 allows PHP Code injection. | ||||
| CVE-2019-19207 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 8.8 High |
| rConfig 3.9.2 allows devices.php?searchColumn= SQL injection. | ||||
| CVE-2019-19206 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 5.4 Medium |
| Dolibarr CRM/ERP 10.0.3 allows viewimage.php?file= Stored XSS due to JavaScript execution in an SVG image for a profile picture. | ||||
| CVE-2019-19204 | 4 Debian, Fedoraproject, Oniguruma Project and 1 more | 6 Debian Linux, Fedora, Oniguruma and 3 more | 2024-11-21 | 7.5 High |
| An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. | ||||
| CVE-2019-19203 | 3 Fedoraproject, Oniguruma Project, Redhat | 5 Fedora, Oniguruma, Enterprise Linux and 2 more | 2024-11-21 | 7.5 High |
| An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. | ||||
| CVE-2019-19202 | 1 Vtiger | 1 Vtiger Crm | 2024-11-21 | 8.8 High |
| In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request. | ||||
| CVE-2019-19200 | 1 Reddoxx | 1 Maildepot | 2024-11-21 | 8.8 High |
| REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users. | ||||
| CVE-2019-19199 | 1 Reddoxx | 1 Maildepot | 2024-11-21 | 7.4 High |
| REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout. | ||||
| CVE-2019-19198 | 1 Scoutnet | 1 Kalender | 2024-11-21 | 5.4 Medium |
| The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS. | ||||
| CVE-2019-19197 | 1 Kyrolsecuritylabs | 1 Kyrol Internet Security | 2024-11-21 | 7.8 High |
| IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive. | ||||