Export limit exceeded: 367033 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367033 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-9087 | 1 Digitaldruid | 1 Hoteldruid | 2024-11-21 | N/A |
| HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter. | ||||
| CVE-2019-9086 | 1 Digitaldruid | 1 Hoteldruid | 2024-11-21 | N/A |
| HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle.php anno parameter. | ||||
| CVE-2019-9085 | 1 Digitaldruid | 1 Hoteldruid | 2024-11-21 | N/A |
| Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service (invoice-creation outage) via the n_file parameter to visualizza_contratto.php with invalid arguments (any non-numeric value), as demonstrated by the anno=2019&id_transazione=1&numero_contratto=1&n_file=a query string to visualizza_contratto.php. | ||||
| CVE-2019-9084 | 1 Digitaldruid | 1 Hoteldruid | 2024-11-21 | N/A |
| In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /tab_tariffe.php?anno=[YEAR]&numtariffa1=1a URI. It could allow an administrator to conduct remote denial of service (disrupting certain business functions of the product). | ||||
| CVE-2019-9083 | 1 Sqlitemanager | 1 Sqlitemanager | 2024-11-21 | N/A |
| SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued. | ||||
| CVE-2019-9080 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 7.5 High |
| DomainMOD before 4.14.0 uses MD5 without a salt for password storage. | ||||
| CVE-2019-9078 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT. | ||||
| CVE-2019-9077 | 4 Canonical, F5, Gnu and 1 more | 4 Ubuntu Linux, Traffix Signaling Delivery Controller, Binutils and 1 more | 2024-11-21 | 7.8 High |
| An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. | ||||
| CVE-2019-9076 | 2 Gnu, Netapp | 2 Binutils, Element Software Management | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c. | ||||
| CVE-2019-9075 | 4 Canonical, F5, Gnu and 1 more | 18 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 15 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. | ||||
| CVE-2019-9074 | 3 Canonical, Gnu, Netapp | 4 Ubuntu Linux, Binutils, Hci Management Node and 1 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. | ||||
| CVE-2019-9073 | 3 Canonical, Gnu, Netapp | 4 Ubuntu Linux, Binutils, Hci Management Node and 1 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c. | ||||
| CVE-2019-9072 | 2 Gnu, Netapp | 3 Binutils, Hci Management Node, Solidfire | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setup_group in elf.c. | ||||
| CVE-2019-9071 | 3 Canonical, Gnu, Netapp | 4 Ubuntu Linux, Binutils, Hci Management Node and 1 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. | ||||
| CVE-2019-9070 | 4 Canonical, F5, Gnu and 1 more | 4 Ubuntu Linux, Traffix Signaling Delivery Controller, Binutils and 1 more | 2024-11-21 | 7.8 High |
| An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. | ||||
| CVE-2019-9066 | 1 Php Appointment Booking Script Project | 1 Php Appointment Booking Script | 2024-11-21 | N/A |
| PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile. | ||||
| CVE-2019-9065 | 1 Custom T-shirt Ecommerce Script Project | 1 Custom T-shirt Ecommerce Script | 2024-11-21 | N/A |
| PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount. | ||||
| CVE-2019-9064 | 1 Cab Booking Script Project | 1 Cab Booking Script | 2024-11-21 | N/A |
| PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file. | ||||
| CVE-2019-9063 | 1 Auction Website Script Project | 1 Auction Website Script | 2024-11-21 | N/A |
| PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount. | ||||
| CVE-2019-9062 | 1 Phpscriptsmall | 1 Online Food Ordering Script | 2024-11-21 | N/A |
| PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php. | ||||