| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p. |
| In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result. |
| lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the /admin.php?s=/admin/config/groupsave.html URI. |
| wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file. |
| A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This is demonstrated by a multipart/form-data POST to http://localhost:23000 with a "signal SIGTERM" command in a TEXTAREA element. NOTE: The vendor disputes that this is a vulnerability. They state that this is the result of improper configuration of the OpenVPN instance rather than an intrinsic vulnerability, and now more explicitly warn against such configurations in both the management-interface documentation, and with a runtime warning |
| Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the json parameter. |
| An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC. |
| An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. |
| An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. |
| On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request (such as GET /../../../../../../../../../../../../etc/passwd) to the web server (fuzzd/0.1.1) running the Maintenance Center on port TCP/8088. This can lead to full compromise of the device. |
| A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands. |
| An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. |
| An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. |
| An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product. |
| In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Solution, an encryption key may be left in memory. |
| An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration may allow escalation of privileges that gives the actor full control over the system. |
| Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. |
| An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server. |
| Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may allow the pointer to call an incorrect object resulting in an access of resource using incompatible type condition. |
| A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may modify deserialized data to send custom requests that crash the server. |
