Export limit exceeded: 361804 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361804 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-14663 | 1 Brandy Project | 1 Brandy | 2024-11-21 | N/A |
| Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fileio.c via crafted BASIC source code. | ||||
| CVE-2019-14662 | 1 Brandy Project | 1 Brandy | 2024-11-21 | N/A |
| Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in fileio.c via crafted BASIC source code. | ||||
| CVE-2019-14657 | 1 Yeahlink | 6 T49g, T49g Firmware, T58v and 3 more | 2024-11-21 | 8.8 High |
| Yealink phones through 2019-08-04 have an issue with OpenVPN file upload. They execute tar as root to extract files, but do not validate the extraction directory. Creating a tar file with ../../../../ allows replacement of almost any file on a phone. This leads to password replacement and arbitrary code execution as root. | ||||
| CVE-2019-14656 | 1 Yeahlink | 6 T49g, T49g Firmware, T58v and 3 more | 2024-11-21 | 8.8 High |
| Yealink phones through 2019-08-04 do not properly check user roles in POST requests. Consequently, the default User account (with a password of user) can make admin requests via HTTP. | ||||
| CVE-2019-14654 | 1 Joomla | 1 Joomla\! | 2024-11-21 | N/A |
| In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. In other words, the filter attribute in subform fields allows remote code execution. This is fixed in 3.9.9. | ||||
| CVE-2019-14653 | 1 Ipandao | 1 Editor.md | 2024-11-21 | N/A |
| pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP element. | ||||
| CVE-2019-14652 | 1 Amazon | 1 Aws Javascript S3 Explorer | 2024-11-21 | 6.1 Medium |
| explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances. | ||||
| CVE-2019-14630 | 1 Intel | 26 Dsl3310 Thunderbolt, Dsl3310 Thunderbolt Firmware, Dsl3510 Thunderbolt and 23 more | 2024-11-21 | 4.6 Medium |
| Reliance on untrusted inputs in a security decision in some Intel(R) Thunderbolt(TM) controllers may allow unauthenticated user to potentially enable information disclosure via physical access. | ||||
| CVE-2019-14629 | 1 Intel | 1 Data Analytics Acceleration Library | 2024-11-21 | 5.5 Medium |
| Improper permissions in Intel(R) DAAL before version 2020 Gold may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2019-14626 | 1 Intel | 2 Field Programmable Gate Array Programmable Acceleration Card N3000, Field Programmable Gate Array Programmable Acceleration Card N3000 Firmware | 2024-11-21 | 6.7 Medium |
| Improper access control in PCIe function for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14625 | 1 Intel | 2 Field Programmable Gate Array Programmable Acceleration Card N3000, Field Programmable Gate Array Programmable Acceleration Card N3000 Firmware | 2024-11-21 | 4.4 Medium |
| Improper access control in on-card storage for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2019-14620 | 1 Intel | 22 Ac 3165, Ac 3165 Firmware, Ac 3168 and 19 more | 2024-11-21 | 6.5 Medium |
| Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access. | ||||
| CVE-2019-14615 | 3 Canonical, Intel, Redhat | 710 Ubuntu Linux, Atom E3805, Atom E3805 Firmware and 707 more | 2024-11-21 | 5.5 Medium |
| Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2019-14613 | 1 Intel | 1 Vtune Profiler | 2024-11-21 | 7.8 High |
| Improper access control in driver for Intel(R) VTune(TM) Amplifier for Windows* before update 8 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14612 | 1 Intel | 38 Cd1iv128mk, Cd1iv128mk Firmware, Cd1m3128mk and 35 more | 2024-11-21 | 6.7 Medium |
| Out of bounds write in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14611 | 1 Intel | 38 Cd1iv128mk, Cd1iv128mk Firmware, Cd1m3128mk and 35 more | 2024-11-21 | 6.7 Medium |
| Integer overflow in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14610 | 1 Intel | 38 Cd1iv128mk, Cd1iv128mk Firmware, Cd1m3128mk and 35 more | 2024-11-21 | 7.8 High |
| Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14609 | 1 Intel | 38 Cd1iv128mk, Cd1iv128mk Firmware, Cd1m3128mk and 35 more | 2024-11-21 | 6.7 Medium |
| Improper input validation in firmware for Intel(R) NUC(R) may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14608 | 1 Intel | 38 Cd1iv128mk, Cd1iv128mk Firmware, Cd1m3128mk and 35 more | 2024-11-21 | 7.8 High |
| Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-14607 | 1 Intel | 756 Core I3-1000g1, Core I3-1000g1 Firmware, Core I3-1000g4 and 753 more | 2024-11-21 | 5.3 Medium |
| Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access. | ||||