Export limit exceeded: 359560 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359560 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10039 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-11-21 | N/A |
| The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication. | ||||
| CVE-2019-10038 | 1 Evernote | 1 Evernote | 2024-11-21 | N/A |
| Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file. | ||||
| CVE-2019-10028 | 1 Netflix | 1 Dial Reference | 2024-11-21 | N/A |
| Denial of Service (DOS) in Dial Reference Source Code Used before June 18th, 2019. | ||||
| CVE-2019-10027 | 1 Phpcms | 1 Phpcms | 2024-11-21 | N/A |
| PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen. | ||||
| CVE-2019-10026 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. | ||||
| CVE-2019-10025 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. | ||||
| CVE-2019-10024 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. | ||||
| CVE-2019-10023 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. | ||||
| CVE-2019-10022 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. | ||||
| CVE-2019-10021 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. | ||||
| CVE-2019-10020 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. | ||||
| CVE-2019-10019 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. | ||||
| CVE-2019-10018 | 3 Canonical, Debian, Xpdfreader | 3 Ubuntu Linux, Debian Linux, Xpdf | 2024-11-21 | 5.5 Medium |
| An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. | ||||
| CVE-2019-10017 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | N/A |
| CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker. | ||||
| CVE-2019-10016 | 1 Gforge | 1 Advanced Server | 2024-11-21 | N/A |
| GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words parameter, as demonstrated by a snippet/search/?words= substring. | ||||
| CVE-2019-10015 | 1 Baigo | 1 Baigo Sso | 2024-11-21 | N/A |
| baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file. | ||||
| CVE-2019-10014 | 1 Dedecms | 1 Dedecms | 2024-11-21 | N/A |
| In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the passwords of arbitrary users via a modified id parameter, because the key parameter is not properly validated. | ||||
| CVE-2019-10013 | 1 Axtls Project | 1 Axtls | 2024-11-21 | 7.5 High |
| The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size. | ||||
| CVE-2019-10012 | 2 Jenzabar, Tiny | 2 Internet Campus Solution, Moxiemanager | 2024-11-21 | 7.5 High |
| Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory within the installation folder ICS\ICS.NET\ICSFileServer. | ||||
| CVE-2019-10011 | 1 Jenzabar | 1 Internet Campus Solution | 2024-11-21 | N/A |
| ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02-06 allows remote attackers to create an arbitrary number of accounts with a password of 1234. | ||||