Export limit exceeded: 361859 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361859 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-14221 | 1 1crm | 1 1crm On-premise | 2024-11-21 | N/A |
| 1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation. | ||||
| CVE-2019-14220 | 3 Apple, Bluestacks, Microsoft | 3 Macos, Bluestacks, Windows | 2024-11-21 | 6.5 Medium |
| An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to read | ||||
| CVE-2019-14216 | 1 Wp Svg Icons Project | 1 Wp Svg Icons | 2024-11-21 | N/A |
| An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress. wp-admin/admin.php?page=wp-svg-icons-custom-set mishandles Custom Icon uploads. CSRF leads to upload of a ZIP archive containing a .php file. | ||||
| CVE-2019-14215 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer. | ||||
| CVE-2019-14214 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function. | ||||
| CVE-2019-14213 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | 7.5 High |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction. | ||||
| CVE-2019-14212 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object. | ||||
| CVE-2019-14211 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | 7.5 High |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript. | ||||
| CVE-2019-14210 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object. | ||||
| CVE-2019-14209 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm. | ||||
| CVE-2019-14208 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary. | ||||
| CVE-2019-14207 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error). | ||||
| CVE-2019-14206 | 1 Nevma | 1 Adaptive Images | 2024-11-21 | 7.5 High |
| An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to delete arbitrary files via the $REQUEST['adaptive-images-settings'] parameter in adaptive-images-script.php. | ||||
| CVE-2019-14205 | 1 Nevma | 1 Adaptive Images | 2024-11-21 | 7.5 High |
| A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php. | ||||
| CVE-2019-14135 | 1 Qualcomm | 72 Apq8009, Apq8009 Firmware, Apq8017 and 69 more | 2024-11-21 | 7.8 High |
| Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4010, QCA6174A, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS405, QCS605, SA6155P, Saipan, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130 | ||||
| CVE-2019-14134 | 1 Qualcomm | 24 Ipq8074, Ipq8074 Firmware, Qca8081 and 21 more | 2024-11-21 | 9.8 Critical |
| Possible out of bound access in WLAN handler when the received value of length in rx path is shorter than the expected value of country IE in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130 | ||||
| CVE-2019-14132 | 1 Qualcomm | 6 Qcs605, Qcs605 Firmware, Sa6155p and 3 more | 2024-11-21 | 9.8 Critical |
| Buffer over-write when this 0-byte buffer is typecasted to some other structure and hence memory corruption in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SA6155P, SM8150 | ||||
| CVE-2019-14131 | 1 Qualcomm | 42 Apq8053, Apq8053 Firmware, Apq8096au and 39 more | 2024-11-21 | 9.8 Critical |
| Out of bound write can occur in radio measurement request if STA receives multiple invalid rrm measurement request from AP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8998, Nicobar, QCA6574AU, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDM660, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | ||||
| CVE-2019-14130 | 1 Qualcomm | 18 Kamorta, Kamorta Firmware, Qcs404 and 15 more | 2024-11-21 | 7.8 High |
| Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 | ||||
| CVE-2019-14127 | 1 Qualcomm | 86 Apq8009, Apq8009 Firmware, Apq8017 and 83 more | 2024-11-21 | 9.8 Critical |
| Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | ||||