Export limit exceeded: 361517 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361517 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-11684 | 1 Bosch | 4 Divar Ip 5000, Divar Ip 5000 Firmware, Video Management System and 1 more | 2024-11-21 | 9.9 Critical |
| Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM. | ||||
| CVE-2019-11683 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 9.8 Critical |
| udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue. | ||||
| CVE-2019-11682 | 1 Tabslab | 1 Mailcarrier | 2024-11-21 | N/A |
| A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute arbitrary code remotely via a long HELP command, a related issue to CVE-2019-11395. | ||||
| CVE-2019-11680 | 1 Konakart | 1 Konakart | 2024-11-21 | N/A |
| KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image. | ||||
| CVE-2019-11678 | 1 Zohocorp | 1 Manageengine Firewall Analyzer | 2024-11-21 | N/A |
| The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection. | ||||
| CVE-2019-11677 | 1 Zohocorp | 1 Manageengine Firewall Analyzer | 2024-11-21 | N/A |
| The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection. | ||||
| CVE-2019-11676 | 1 Zohocorp | 1 Manageengine Firewall Analyzer | 2024-11-21 | N/A |
| The user defined DNS name in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to stored XSS attacks. | ||||
| CVE-2019-11675 | 1 Groonga | 1 Groonga-httpd | 2024-11-21 | N/A |
| The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/httpd to /etc/bash_completion.d. NOTE: this is an issue in the Debian packaging of the Groonga HTTP server. | ||||
| CVE-2019-11674 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-11-21 | 5.9 Medium |
| Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack. | ||||
| CVE-2019-11669 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 7.5 High |
| Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data. | ||||
| CVE-2019-11668 | 1 Microfocus | 3 Service Manager, Service Manager Chat Server, Service Manager Chat Service | 2024-11-21 | 7.5 High |
| HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | ||||
| CVE-2019-11667 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 7.5 High |
| Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data. | ||||
| CVE-2019-11666 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 8.8 High |
| Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data. | ||||
| CVE-2019-11665 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 7.5 High |
| Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | ||||
| CVE-2019-11664 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 6.5 Medium |
| Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | ||||
| CVE-2019-11663 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 6.5 Medium |
| Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | ||||
| CVE-2019-11662 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 4.3 Medium |
| Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message. | ||||
| CVE-2019-11661 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 8.3 High |
| Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data. | ||||
| CVE-2019-11660 | 1 Microfocus | 1 Data Protector | 2024-11-21 | 7.8 High |
| Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. | ||||
| CVE-2019-11658 | 1 Microfocus | 1 Content Manager | 2024-11-21 | N/A |
| Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed abnormal state. | ||||