Export limit exceeded: 361045 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361045 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361045 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-14566 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2024-11-21 | 7.8 High |
| Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | ||||
| CVE-2019-14565 | 3 Intel, Linux, Microsoft | 3 Software Guard Extensions Sdk, Linux Kernel, Windows | 2024-11-21 | 7.8 High |
| Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | ||||
| CVE-2019-14563 | 3 Debian, Redhat, Tianocore | 3 Debian Linux, Enterprise Linux, Edk2 | 2024-11-21 | 7.8 High |
| Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14562 | 2 Debian, Tianocore | 2 Debian Linux, Edk2 | 2024-11-21 | 5.5 Medium |
| Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2019-14559 | 2 Redhat, Tianocore | 2 Enterprise Linux, Edk2 | 2024-11-21 | 7.5 High |
| Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2019-14558 | 2 Debian, Intel | 56 Debian Linux, Bios, Celeron 4205u and 53 more | 2024-11-21 | 5.7 Medium |
| Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2019-14557 | 1 Intel | 55 Bios, Celeron 4205u, Celeron 4305u and 52 more | 2024-11-21 | 8.0 High |
| Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access. | ||||
| CVE-2019-14556 | 1 Intel | 55 Bios, Celeron 4205u, Celeron 4305u and 52 more | 2024-11-21 | 4.4 Medium |
| Improper initialization in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2019-14553 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 4.9 Medium |
| Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access. | ||||
| CVE-2019-14551 | 1 Daskeyboard | 4 Das Keyboard 4q, Das Keyboard 5q, Das Keyboard X50q and 1 more | 2024-11-21 | N/A |
| Das Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive. | ||||
| CVE-2019-14550 | 1 Espocrm | 1 Espocrm | 2024-11-21 | N/A |
| An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a victim clicks on the Edit Dashboard feature present on the Homepage. An attacker can load malicious JavaScript inside the add tab list feature, which would fire when a user clicks on the Edit Dashboard button, thus helping him steal victims' cookies (hence compromising their accounts). | ||||
| CVE-2019-14549 | 1 Espocrm | 1 Espocrm | 2024-11-21 | N/A |
| An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed inside the title and breadcrumb of a newly formed entity available to all the users. A malicious user can inject JavaScript in these values of an entity, thus stealing user cookies when someone visits the publicly accessible link. | ||||
| CVE-2019-14548 | 1 Espocrm | 1 Espocrm | 2024-11-21 | N/A |
| An issue was discovered in EspoCRM before 5.6.9. Stored XSS in the body of an Article was executed when a victim opens articles received through mail. This Article can be formed by an attacker using the Knowledge Base feature in the tab list. The attacker could inject malicious JavaScript inside the body of the article, thus helping him steal victims' cookies (hence compromising their accounts). | ||||
| CVE-2019-14547 | 1 Espocrm | 1 Espocrm | 2024-11-21 | N/A |
| An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed when a attacker sends an attachment to admin with malicious JavaScript in the filename. This JavaScript executed when an admin selects the particular file from the list of all attachments. The attacker could inject the JavaScript inside the filename and send it to users, thus helping him steal victims' cookies (hence compromising their accounts). | ||||
| CVE-2019-14546 | 1 Espocrm | 1 Espocrm | 2024-11-21 | N/A |
| An issue was discovered in EspoCRM before 5.6.9. Stored XSS was executed on the Preference page as well as while sending an email when a malicious payload was inserted inside the Email Signature in the Preference page. The attacker could insert malicious JavaScript inside his email signature, which fires when the victim replies or forwards the mail, thus helping him steal victims' cookies (hence compromising their accounts). | ||||
| CVE-2019-14544 | 1 Gogs | 1 Gogs | 2024-11-21 | N/A |
| routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks. | ||||
| CVE-2019-14541 | 1 Gnucobol Project | 1 Gnucobol | 2024-11-21 | N/A |
| GnuCOBOL 2.2 has a stack-based buffer overflow in cb_encode_program_id in cobc/typeck.c via crafted COBOL source code. | ||||
| CVE-2019-14540 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 28 Debian Linux, Jackson-databind, Fedora and 25 more | 2024-11-21 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. | ||||
| CVE-2019-14537 | 1 Yourls | 1 Yourls | 2024-11-21 | N/A |
| YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass. | ||||
| CVE-2019-14535 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-11-21 | N/A |
| A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file. | ||||