| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service. |
| Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process. |
| Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. |
| Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list. |
| Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI. |
| Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI. |
| CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to modify the configuration via a Flash file because views/lib/AntiCSRF.py can overwrite the request.host value with the content of the X-Forwarded-Host HTTP header. |
| Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an include statement. |
| SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter. |
| SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_template.php?path=../templets/../../ requests. |
| admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory listing via id=filesmanager&path=uploads/.......//./.......//./ requests. |
| admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion via id=filesmanager&path=uploads/.......//./.......//./&delete_file= requests. |
| An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit. |
| An issue was discovered in Dolibarr through 7.0.0. There is Stored XSS in expensereport/card.php in the expense reports plugin via the comments parameter, or a public or private note. |
| In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser. |
| A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two challenge/response operations, to clone a key fob within a few seconds. |
| In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles menu, with an ID of linkAddress stored in the link JSON field, allows remote attackers to inject arbitrary Web scripts or HTML via a crafted site name provided by an administrator. |
| An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request. |
| In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code. |
| An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509. |
