Export limit exceeded: 361517 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361517 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-12978 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c. | ||||
| CVE-2019-12977 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. | ||||
| CVE-2019-12976 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-11-21 | 5.5 Medium |
| ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. | ||||
| CVE-2019-12975 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-11-21 | 5.5 Medium |
| ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. | ||||
| CVE-2019-12974 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image. | ||||
| CVE-2019-12973 | 5 Debian, Opensuse, Oracle and 2 more | 6 Debian Linux, Leap, Database Server and 3 more | 2024-11-21 | 5.5 Medium |
| In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616. | ||||
| CVE-2019-12972 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. | ||||
| CVE-2019-12971 | 1 G-u | 2 Bks Ebk Ethernet-buskoppler Pro, Bks Ebk Ethernet-buskoppler Pro Firmware | 2024-11-21 | N/A |
| BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload of a File with a Dangerous Type. | ||||
| CVE-2019-12970 | 1 Squirrelmail | 1 Squirrelmail | 2024-11-21 | N/A |
| XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1.5.2. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element. | ||||
| CVE-2019-12968 | 1 Drdteam | 1 Doomseeker | 2024-11-21 | N/A |
| A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive) distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowing a remote attacker to cause a potential crash / denial of service in Doomseeker. The issue has been remediated in the Doomseeker 1.3 release with source code patches to the SRB2 plugin. | ||||
| CVE-2019-12967 | 1 Themooltipass | 1 Moolticute | 2024-11-21 | 6.5 Medium |
| Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access Control. | ||||
| CVE-2019-12966 | 1 Fehelper Project | 1 Fehelper | 2024-11-21 | N/A |
| FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input. | ||||
| CVE-2019-12964 | 1 Livezilla | 1 Livezilla | 2024-11-21 | N/A |
| LiveZilla Server before 8.0.1.1 is vulnerable to XSS in the ticket.php Subject. | ||||
| CVE-2019-12963 | 1 Livezilla | 1 Livezilla | 2024-11-21 | N/A |
| LiveZilla Server before 8.0.1.1 is vulnerable to XSS in the chat.php Create Ticket Action. | ||||
| CVE-2019-12962 | 1 Livezilla | 1 Livezilla | 2024-11-21 | 6.1 Medium |
| LiveZilla Server before 8.0.1.1 is vulnerable to XSS in mobile/index.php via the Accept-Language HTTP header. | ||||
| CVE-2019-12961 | 1 Livezilla | 1 Livezilla | 2024-11-21 | N/A |
| LiveZilla Server before 8.0.1.1 is vulnerable to CSV Injection in the Export Function. | ||||
| CVE-2019-12960 | 1 Livezilla | 1 Livezilla | 2024-11-21 | N/A |
| LiveZilla Server before 8.0.1.1 is vulnerable to SQL Injection in functions.internal.build.inc.php via the parameter p_dt_s_d. | ||||
| CVE-2019-12959 | 1 Zohocorp | 1 Manageengine Assetexplorer | 2024-11-21 | N/A |
| Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servlet via a URL in a parameter. | ||||
| CVE-2019-12958 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | N/A |
| In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated. | ||||
| CVE-2019-12957 | 2 Fedoraproject, Glyphandcog | 2 Fedora, Xpdfreader | 2024-11-21 | 7.8 High |
| In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. | ||||