Export limit exceeded: 361533 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361533 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15555 | 1 Wellness Project | 1 Wellness | 2024-11-21 | N/A |
| FredReinink Wellness-app before 2019-06-19 allows SQL injection, related to dietTrack.php, exerciseGenerator.php, fitnessTrack.php, and server.php. | ||||
| CVE-2019-15554 | 1 Servo | 1 Smallvec | 2024-11-21 | N/A |
| An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity. | ||||
| CVE-2019-15553 | 1 Memoffset Project | 1 Memoffset | 2024-11-21 | N/A |
| An issue was discovered in the memoffset crate before 0.5.0 for Rust. offset_of and span_of can cause exposure of uninitialized memory. | ||||
| CVE-2019-15552 | 1 Libflate Project | 1 Libflate | 2024-11-21 | N/A |
| An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution. | ||||
| CVE-2019-15551 | 1 Servo | 1 Smallvec | 2024-11-21 | N/A |
| An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity. | ||||
| CVE-2019-15550 | 1 Simdjson Project | 1 Simdjson | 2024-11-21 | 7.5 High |
| An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary. | ||||
| CVE-2019-15549 | 1 Asn1 Der Project | 1 Asn1 Der | 2024-11-21 | N/A |
| An issue was discovered in the asn1_der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field. | ||||
| CVE-2019-15548 | 1 Ncurses Project | 1 Ncurses | 2024-11-21 | N/A |
| An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled. | ||||
| CVE-2019-15547 | 1 Ncurses Project | 1 Ncurses | 2024-11-21 | N/A |
| An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled. | ||||
| CVE-2019-15546 | 1 Pancurses Project | 1 Pancurses | 2024-11-21 | N/A |
| An issue was discovered in the pancurses crate through 0.16.1 for Rust. printw and mvprintw have format string vulnerabilities. | ||||
| CVE-2019-15545 | 1 Libp2p | 1 Libp2p | 2024-11-21 | N/A |
| An issue was discovered in the libp2p-core crate before 0.8.1 for Rust. Attackers can spoof ed25519 signatures. | ||||
| CVE-2019-15544 | 2 Apache, Rust-protobuf Project | 2 Hbase, Rust-protobuf | 2024-11-21 | 7.5 High |
| An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls. | ||||
| CVE-2019-15543 | 1 Slice-deque Project | 1 Slice-deque | 2024-11-21 | N/A |
| An issue was discovered in the slice-deque crate before 0.2.0 for Rust. There is memory corruption in certain allocation cases. | ||||
| CVE-2019-15542 | 1 Ammonia Project | 1 Ammonia | 2024-11-21 | N/A |
| An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization. | ||||
| CVE-2019-15541 | 1 Rustls Project | 1 Rustls | 2024-11-21 | N/A |
| rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable. | ||||
| CVE-2019-15540 | 1 Cdemu | 1 Libmirage | 2024-11-21 | N/A |
| filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user. | ||||
| CVE-2019-15539 | 1 Mantisbt | 1 Mantisbt | 2024-11-21 | 6.1 Medium |
| The proj_doc_edit_page.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. The code is executed when editing the document's page. | ||||
| CVE-2019-15538 | 7 Canonical, Debian, Fedoraproject and 4 more | 29 Ubuntu Linux, Debian Linux, Fedora and 26 more | 2024-11-21 | 7.5 High |
| An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS. | ||||
| CVE-2019-15537 | 1 Cesnet | 1 Proxystatistics | 2024-11-21 | N/A |
| The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL Injection in lib/Auth/Process/DatabaseCommand.php. | ||||
| CVE-2019-15536 | 1 Youracclaim | 1 Acclaim | 2024-11-21 | N/A |
| The Acclaim block plugin before 2019-06-26 for Moodle allows SQL Injection via delete_records. | ||||