Export limit exceeded: 359669 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359669 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10669 | 1 Librenms | 1 Librenms | 2024-11-21 | 7.2 High |
| An issue was discovered in LibreNMS through 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user supplied parameters are filtered with the mysqli_escape_real_string function. This function is not the appropriate function to sanitize command arguments as it does not escape a number of command line syntax characters such as ` (backtick), allowing an attacker to inject commands into the variable $rrd_cmd, which gets executed via passthru(). | ||||
| CVE-2019-10668 | 1 Librenms | 1 Librenms | 2024-11-21 | 9.1 Critical |
| An issue was discovered in LibreNMS through 1.47. A number of scripts import the Authentication libraries, but do not enforce an actual authentication check. Several of these scripts disclose information or expose functions that are of a sensitive nature and are not expected to be publicly accessible. | ||||
| CVE-2019-10667 | 1 Librenms | 1 Librenms | 2024-11-21 | 5.3 Medium |
| An issue was discovered in LibreNMS through 1.47. Information disclosure can occur: an attacker can fingerprint the exact code version installed and disclose local file paths. | ||||
| CVE-2019-10666 | 1 Librenms | 1 Librenms | 2024-11-21 | 8.1 High |
| An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include() function on user supplied input without sanitizing the values by calling basename() or a similar function. An attacker can leverage this to execute PHP code from the included file. Exploitation of these scripts is made difficult by additional text being appended (typically .inc.php), which means an attacker would need to be able to control both a filename and its content on the server. However, exploitation can be achieved as demonstrated by the csv.php?report=../ substring. | ||||
| CVE-2019-10665 | 1 Librenms | 1 Librenms | 2024-11-21 | 9.8 Critical |
| An issue was discovered in LibreNMS through 1.47. The scripts that handle the graphing options (html/includes/graphs/common.inc.php and html/includes/graphs/graphs.inc.php) do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqli_real_escape_string, which is only useful for preventing SQL injection attacks; other parameters are unfiltered. This allows an attacker to inject RRDtool syntax with newline characters via the html/graph.php script. RRDtool syntax is quite versatile and an attacker could leverage this to perform a number of attacks, including disclosing directory structure and filenames, file content, denial of service, or writing arbitrary files. | ||||
| CVE-2019-10664 | 1 Domoticz | 1 Domoticz | 2024-11-21 | N/A |
| Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp. | ||||
| CVE-2019-10663 | 1 Grandstream | 2 Ucm6204, Ucm6204 Firmware | 2024-11-21 | N/A |
| Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to conduct SQL injection attacks via the sord parameter in a listCodeblueGroup API call to the /cgi? URI. | ||||
| CVE-2019-10662 | 1 Grandstream | 2 Ucm6204, Ucm6204 Firmware | 2024-11-21 | 8.8 High |
| Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI. | ||||
| CVE-2019-10661 | 1 Grandstream | 2 Gxv3611ir Hd, Gxv3611ir Hd Firmware | 2024-11-21 | 9.8 Critical |
| On Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account lacks a password. | ||||
| CVE-2019-10660 | 1 Grandstream | 2 Gxv3611ir Hd, Gxv3611ir Hd Firmware | 2024-11-21 | 8.8 High |
| Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field. | ||||
| CVE-2019-10659 | 1 Grandstream | 4 Gxv3370, Gxv3370 Firmware, Wp820 and 1 more | 2024-11-21 | 8.8 High |
| Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in a /manager?action=getlogcat priority field. | ||||
| CVE-2019-10658 | 1 Grandstream | 2 Gwn7610, Gwn7610 Firmware | 2024-11-21 | 8.8 High |
| Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.update_nds_webroot_from_tmp update_nds_webroot_from_tmp API call. | ||||
| CVE-2019-10657 | 1 Grandstream | 4 Gwn7000, Gwn7000 Firmware, Gwn7610 and 1 more | 2024-11-21 | 6.5 Medium |
| Grandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 devices allow remote authenticated users to discover passwords via a /ubus/uci.apply config request. | ||||
| CVE-2019-10656 | 1 Grandstream | 2 Gwn7000, Gwn7000 Firmware | 2024-11-21 | 8.8 High |
| Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply update_nds_webroot_from_tmp API call. | ||||
| CVE-2019-10655 | 1 Grandstream | 10 Gac2500, Gac2500 Firmware, Gvc3202 and 7 more | 2024-11-21 | 9.8 Critical |
| Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a buffer overflow (via the phonecookie cookie) to overwrite a data structure and consequently bypass authentication. This can be exploited remotely or via CSRF because the cookie can be placed in an Accept HTTP header in an XMLHttpRequest call to lighttpd. | ||||
| CVE-2019-10654 | 1 Long Range Zip Project | 1 Long Range Zip | 2024-11-21 | N/A |
| The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive, a different vulnerability than CVE-2017-8845. | ||||
| CVE-2019-10653 | 1 Hsycms | 1 Hsycms | 2024-11-21 | N/A |
| An issue was discovered in Hsycms V1.1. There is a SQL injection vulnerability via a /news/*.html page. | ||||
| CVE-2019-10652 | 1 Flatcore | 1 Flatcore | 2024-11-21 | N/A |
| An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature. | ||||
| CVE-2019-10651 | 1 Ivanti | 1 Endpoint Manager | 2024-11-21 | N/A |
| An issue was discovered in the Core Server in Ivanti Endpoint Manager (EPM) 2017.3 before SU7 and 2018.x before 2018.3 SU3, with remote code execution. In other words, the issue affects 2017.3, 2018.1, and 2018.3 installations that lack the April 2019 update. | ||||
| CVE-2019-10650 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. | ||||