Export limit exceeded: 362730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362730 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16106 | 1 Humanica | 1 Humatrix | 2024-11-21 | 7.5 High |
| The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to change the password of any user via the recruitment_online/personalData/act_acounttab.cfm txtNewUserName and hdNP fields. | ||||
| CVE-2019-16105 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. | ||||
| CVE-2019-16104 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | 6.1 Medium |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. | ||||
| CVE-2019-16103 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. | ||||
| CVE-2019-16102 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. | ||||
| CVE-2019-16101 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. | ||||
| CVE-2019-16100 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. | ||||
| CVE-2019-16099 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. | ||||
| CVE-2019-16098 | 1 Msi | 1 Afterburner | 2024-11-21 | 7.8 High |
| The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. | ||||
| CVE-2019-16097 | 1 Linuxfoundation | 1 Harbor | 2024-11-21 | 6.5 Medium |
| core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround without applying the fix: configure Harbor to use non-DB authentication backend such as LDAP. | ||||
| CVE-2019-16096 | 1 Kilo Project | 1 Kilo | 2024-11-21 | 7.5 High |
| Kilo 0.0.1 has a heap-based buffer overflow because there is an integer overflow in a calculation involving the number of tabs in one row. | ||||
| CVE-2019-16095 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. | ||||
| CVE-2019-16094 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | ||||
| CVE-2019-16093 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 9.8 Critical |
| Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | ||||
| CVE-2019-16092 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 9.8 Critical |
| Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. | ||||
| CVE-2019-16091 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. | ||||
| CVE-2019-16089 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.1 Medium |
| An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value. | ||||
| CVE-2019-16088 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | N/A |
| Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. | ||||
| CVE-2019-16072 | 1 Netsas | 1 Enigma Network Management Solution | 2024-11-21 | 9.8 Critical |
| An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action. | ||||
| CVE-2019-16071 | 1 Netsas | 1 Enigma Nms | 2024-11-21 | 8.8 High |
| Enigma NMS 65.0.0 and prior allows administrative users to create low-privileged accounts that do not have the ability to modify any settings in the system, only view the components. However, it is possible for a low-privileged user to perform all actions as an administrator by bypassing authorization controls and sending requests to the server in the context of an administrator. | ||||