Export limit exceeded: 364862 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364862 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-7548 | 5 Debian, Opensuse, Oracle and 2 more | 9 Debian Linux, Backports Sle, Leap and 6 more | 2024-11-21 | 7.8 High |
| SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. | ||||
| CVE-2019-7547 | 1 Topnew | 1 Sidu | 2024-11-21 | N/A |
| An issue was discovered in SIDU 6.0. Because the database name is not strictly filtered, the attacker can insert a name containing an XSS Payload, leading to stored XSS. | ||||
| CVE-2019-7546 | 1 Topnew | 1 Sidu | 2024-11-21 | N/A |
| An issue was discovered in SIDU 6.0. The dbs parameter of the conn.php page has a reflected Cross-site Scripting (XSS) vulnerability. | ||||
| CVE-2019-7545 | 1 Dbninja | 1 Dbninja | 2024-11-21 | N/A |
| In DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name field. | ||||
| CVE-2019-7544 | 1 Mywebsql | 1 Mywebsql | 2024-11-21 | N/A |
| An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field. | ||||
| CVE-2019-7543 | 1 Kindsoft | 1 Kindeditor | 2024-11-21 | N/A |
| In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability. | ||||
| CVE-2019-7541 | 1 Rukovoditel | 1 Rukovoditel | 2024-11-21 | N/A |
| Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring. | ||||
| CVE-2019-7539 | 1 Ipycache Project | 1 Ipycache | 2024-11-21 | N/A |
| A code injection issue was discovered in ipycache through 2016-05-31. | ||||
| CVE-2019-7537 | 1 Pytroll | 1 Donfig | 2024-11-21 | N/A |
| An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collect_yaml method in config_obj.py. It can execute arbitrary Python commands, resulting in command execution. | ||||
| CVE-2019-7535 | 1 Gurock | 1 Testrail | 2024-11-21 | N/A |
| index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technology. | ||||
| CVE-2019-7524 | 5 Canonical, Debian, Dovecot and 2 more | 5 Ubuntu Linux, Debian Linux, Dovecot and 2 more | 2024-11-21 | N/A |
| In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components. | ||||
| CVE-2019-7489 | 1 Sonicwall | 1 Email Security Appliance | 2024-11-21 | 9.8 Critical |
| A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | ||||
| CVE-2019-7488 | 1 Sonicwall | 1 Email Security Appliance | 2024-11-21 | 9.8 Critical |
| Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. | ||||
| CVE-2019-7487 | 2 Microsoft, Sonicwall | 3 Windows, Sonicos, Sonicos Sslvpn Nacagent | 2024-11-21 | 7.8 High |
| Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution. | ||||
| CVE-2019-7486 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 8.8 High |
| Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier. | ||||
| CVE-2019-7485 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 8.8 High |
| Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7484 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 6.5 Medium |
| Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7482 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-7479 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 7.2 High |
| A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). | ||||
| CVE-2019-7478 | 1 Sonicwall | 1 Global Management System | 2024-11-21 | 9.8 Critical |
| A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1. | ||||