Export limit exceeded: 361808 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361808 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361808 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17270 | 1 Yachtcontrol | 1 Yachtcontrol | 2024-11-21 | 9.8 Critical |
| Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's. | ||||
| CVE-2019-17269 | 1 Intelliantech | 1 Remote Access | 2024-11-21 | 9.8 Critical |
| Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the Ping Test field. | ||||
| CVE-2019-17268 | 1 Omniauth-weibo-oauth2 Project | 1 Omniauth-weibo-oauth2 | 2024-11-21 | 9.8 Critical |
| The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected. | ||||
| CVE-2019-17267 | 5 Debian, Fasterxml, Netapp and 2 more | 21 Debian Linux, Jackson-databind, Active Iq Unified Manager and 18 more | 2024-11-21 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. | ||||
| CVE-2019-17266 | 2 Canonical, Gnome | 2 Ubuntu Linux, Libsoup | 2024-11-21 | 9.8 Critical |
| libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy. | ||||
| CVE-2019-17264 | 1 Liblnk Project | 1 Liblnk | 2024-11-21 | 3.3 Low |
| In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue | ||||
| CVE-2019-17263 | 1 Libfwsi Project | 1 Libfwsi | 2024-11-21 | 3.3 Low |
| In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap-based buffer over-read because rejection of an unsupported size only considers values less than 6, even though values of 6 and 7 are also unsupported. NOTE: the vendor has disputed this as described in the GitHub issue | ||||
| CVE-2019-17262 | 1 Xnview | 1 Xnview | 2024-11-21 | 7.8 High |
| XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0. | ||||
| CVE-2019-17261 | 1 Xnview | 1 Xnview | 2024-11-21 | 7.8 High |
| XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51. | ||||
| CVE-2019-17260 | 1 Mpc-hc | 1 Mpc-hc | 2024-11-21 | 7.8 High |
| MPC-HC through 1.7.13 allows a Read Access Violation on a Block Data Move starting at mpc_hc!memcpy+0x000000000000004e. | ||||
| CVE-2019-17259 | 1 Kmplayer | 1 Kmplayer | 2024-11-21 | 7.8 High |
| KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee. | ||||
| CVE-2019-17258 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c. | ||||
| CVE-2019-17257 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 5.5 Medium |
| IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starting at EXR!ReadEXR+0x000000000002af80. | ||||
| CVE-2019-17256 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203. | ||||
| CVE-2019-17255 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836. | ||||
| CVE-2019-17254 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at FORMATS!Read_BadPNG+0x0000000000000101. | ||||
| CVE-2019-17253 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x000000000000a6b8. | ||||
| CVE-2019-17252 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_BadPNG+0x0000000000000115. | ||||
| CVE-2019-17251 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d43. | ||||
| CVE-2019-17250 | 1 Irfanview | 1 Irfanview | 2024-11-21 | 7.8 High |
| IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000042f5. | ||||