Export limit exceeded: 346662 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 43285 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43285 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19196 | 1 Telink-semi | 10 Tlsr8232, Tlsr8232 Ble Sdk, Tlsr8251 and 7 more | 2024-11-21 | 6.5 Medium |
| The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices accepts a pairing request with a key size greater than 16 bytes, allowing an attacker in radio range to cause a buffer overflow and denial of service (crash) via crafted packets. | ||||
| CVE-2019-19097 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 5.9 Medium |
| ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection. | ||||
| CVE-2019-19092 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 3.5 Low |
| ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed. | ||||
| CVE-2019-19091 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 4.3 Medium |
| For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack. | ||||
| CVE-2019-19090 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 3.5 Low |
| For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping. | ||||
| CVE-2019-19089 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 6.1 Medium |
| For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript. | ||||
| CVE-2019-19074 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 7.5 High |
| A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. | ||||
| CVE-2019-19035 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 5.5 Medium |
| jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file. | ||||
| CVE-2019-19012 | 4 Debian, Fedoraproject, Oniguruma Project and 1 more | 5 Debian Linux, Fedora, Oniguruma and 2 more | 2024-11-21 | 9.8 Critical |
| An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. | ||||
| CVE-2019-19004 | 3 Autotrace Project, Fedoraproject, Redhat | 3 Autotrace, Fedora, Enterprise Linux | 2024-11-21 | 3.3 Low |
| A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. | ||||
| CVE-2019-19003 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 5.3 Medium |
| For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting. | ||||
| CVE-2019-19002 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 6.3 Medium |
| For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting. | ||||
| CVE-2019-19001 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 6.5 Medium |
| For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials. | ||||
| CVE-2019-19000 | 1 Hitachienergy | 1 Esoms | 2024-11-21 | 6.5 Medium |
| For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information. | ||||
| CVE-2019-18960 | 1 Amazon | 1 Firecracker | 2024-11-21 | 9.8 Critical |
| Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes. | ||||
| CVE-2019-18931 | 1 Western Digital | 2 My Cloud Ex2 Ultra, My Cloud Ex2 Ultra Firmware | 2024-11-21 | 8.8 High |
| Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters. | ||||
| CVE-2019-18858 | 1 Codesys | 14 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 11 more | 2024-11-21 | 9.8 Critical |
| CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. | ||||
| CVE-2019-18849 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 5.5 Medium |
| In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup. | ||||
| CVE-2019-18805 | 5 Broadcom, Linux, Netapp and 2 more | 22 Fabric Operating System, Linux Kernel, Active Iq Unified Manager and 19 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6. | ||||
| CVE-2019-18801 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1. This may be used to corrupt nearby heap contents (leading to a query-of-death scenario) or may be used to bypass Envoy's access control mechanisms such as path based routing. An attacker can also modify requests from other users that happen to be proximal temporally and spatially. | ||||