Export limit exceeded: 362748 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 362752 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362753 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15893 | 1 Sonatype | 1 Nexus Repository Manager | 2024-11-21 | 7.2 High |
| Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Code Execution. | ||||
| CVE-2019-15892 | 4 Debian, Redhat, Varnish-software and 1 more | 5 Debian Linux, Enterprise Linux, Rhel Software Collections and 2 more | 2024-11-21 | N/A |
| An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack. | ||||
| CVE-2019-15891 | 1 Cksource | 1 Ckfinder | 2024-11-21 | 5.3 Medium |
| An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3.5.0. The documentation has misleading information that could lead to a conclusion that the application has a built-in bulletproof content sniffing protection. | ||||
| CVE-2019-15890 | 3 Libslirp Project, Qemu, Redhat | 5 Libslirp, Qemu, Advanced Virtualization and 2 more | 2024-11-21 | 7.5 High |
| libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. | ||||
| CVE-2019-15880 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 9.8 Critical |
| In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unprivileged process to trigger a kernel panic. | ||||
| CVE-2019-15879 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.4 High |
| In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory. | ||||
| CVE-2019-15878 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 7.8 High |
| In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key. | ||||
| CVE-2019-15877 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 5.5 Medium |
| In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory. | ||||
| CVE-2019-15876 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 5.5 Medium |
| In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r356090, and 11.3-RELEASE before 11.3-RELEASE-p7, driver specific ioctl command handlers in the oce network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to send passthrough commands to the device firmware. | ||||
| CVE-2019-15875 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 3.3 Low |
| In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel data previously stored on the stack. | ||||
| CVE-2019-15874 | 2 Freebsd, Netapp | 2 Freebsd, Clustered Data Ontap | 2024-11-21 | 9.8 Critical |
| In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredictable results. | ||||
| CVE-2019-15873 | 1 Metagauss | 1 Profilegrid | 2024-11-21 | N/A |
| The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code. | ||||
| CVE-2019-15872 | 1 Wpbrigade | 1 Loginpress | 2024-11-21 | N/A |
| The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings. | ||||
| CVE-2019-15871 | 1 Wpbrigade | 1 Loginpress | 2024-11-21 | N/A |
| The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings. | ||||
| CVE-2019-15869 | 1 Jobcareer Project | 1 Jobcareer | 2024-11-21 | N/A |
| The JobCareer theme before 2.5.1 for WordPress has stored XSS. | ||||
| CVE-2019-15868 | 1 Wpaffiliatemanager | 1 Affiliates Manager | 2024-11-21 | N/A |
| The affiliates-manager plugin before 2.6.6 for WordPress has CSRF. | ||||
| CVE-2019-15867 | 1 Omaksolutions | 1 Slick-popup | 2024-11-21 | N/A |
| The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action. | ||||
| CVE-2019-15866 | 1 Crelly Slider Project | 1 Crelly Slider | 2024-11-21 | N/A |
| The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider. | ||||
| CVE-2019-15865 | 1 Holest | 1 Breadcrumbs By Menu | 2024-11-21 | N/A |
| The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF. | ||||
| CVE-2019-15864 | 1 Holest | 1 Breadcrumbs By Menu | 2024-11-21 | N/A |
| The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. | ||||