Export limit exceeded: 361587 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361587 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361587 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16103 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature. | ||||
| CVE-2019-16102 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. | ||||
| CVE-2019-16101 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to obtain potentially sensitive stack traces by sending incorrect JSON data to the REST API, such as the rest/json/banners URI. | ||||
| CVE-2019-16100 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers to trigger a web-interface outage via slow client-side HTTP traffic from a single source. | ||||
| CVE-2019-16099 | 1 Silver-peak | 2 Unity Edgeconnect Sd-wan, Unity Edgeconnect Sd-wan Firmware | 2024-11-21 | N/A |
| Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON data to a .swf file. | ||||
| CVE-2019-16098 | 1 Msi | 1 Afterburner | 2024-11-21 | 7.8 High |
| The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. | ||||
| CVE-2019-16097 | 1 Linuxfoundation | 1 Harbor | 2024-11-21 | 6.5 Medium |
| core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround without applying the fix: configure Harbor to use non-DB authentication backend such as LDAP. | ||||
| CVE-2019-16096 | 1 Kilo Project | 1 Kilo | 2024-11-21 | 7.5 High |
| Kilo 0.0.1 has a heap-based buffer overflow because there is an integer overflow in a calculation involving the number of tabs in one row. | ||||
| CVE-2019-16095 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. | ||||
| CVE-2019-16094 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | ||||
| CVE-2019-16093 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 9.8 Critical |
| Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | ||||
| CVE-2019-16092 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 9.8 Critical |
| Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. | ||||
| CVE-2019-16091 | 2 Canonical, Symonics | 2 Ubuntu Linux, Libmysofa | 2024-11-21 | 7.5 High |
| Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. | ||||
| CVE-2019-16089 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.1 Medium |
| An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value. | ||||
| CVE-2019-16088 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | N/A |
| Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. | ||||
| CVE-2019-16072 | 1 Netsas | 1 Enigma Network Management Solution | 2024-11-21 | 9.8 Critical |
| An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action. | ||||
| CVE-2019-16071 | 1 Netsas | 1 Enigma Nms | 2024-11-21 | 8.8 High |
| Enigma NMS 65.0.0 and prior allows administrative users to create low-privileged accounts that do not have the ability to modify any settings in the system, only view the components. However, it is possible for a low-privileged user to perform all actions as an administrator by bypassing authorization controls and sending requests to the server in the context of an administrator. | ||||
| CVE-2019-16070 | 1 Netsas | 1 Enigma Network Management Solution | 2024-11-21 | 6.1 Medium |
| A number of stored Cross-site Scripting (XSS) vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through web application form inputs. | ||||
| CVE-2019-16069 | 1 Netsas | 1 Enigma Network Management Solution | 2024-11-21 | 6.1 Medium |
| A number of stored Cross-site Scripting (XSS) vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through the SNMP protocol. | ||||
| CVE-2019-16068 | 1 Netsas | 1 Enigma Network Management Solution | 2024-11-21 | 8.8 High |
| A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an attacker to be able to trick a victim into submitting a malicious manage_files.cgi request. This can be triggered via XSS or an IFRAME tag included within the site. | ||||