Total
232 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-0157 | 1 Cisco | 1 Ios Xe | 2024-08-05 | 8.6 High |
| A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. The vulnerability is due to the way fragmented packets are handled in the firewall code. An attacker could exploit this vulnerability by sending fragmented IP Version 4 or IP Version 6 packets through an affected device. An exploit could allow the attacker to cause the device to crash, resulting in a denial of service (DoS) condition. The following releases of Cisco IOS XE Software are vulnerable: Everest-16.4.1, Everest-16.4.2, Everest-16.5.1, Everest-16.5.1b, Everest-16.6.1, Everest-16.6.1a. Cisco Bug IDs: CSCvf60296. | ||||
| CVE-2018-0203 | 1 Cisco | 1 Unity Connection | 2024-08-05 | N/A |
| A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests to the targeted application. A successful exploit could allow the attacker to send email messages to arbitrary addresses. Cisco Bug IDs: CSCvg62215. | ||||
| CVE-2019-14794 | 1 Metabox | 1 Meta Box | 2024-08-05 | N/A |
| The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. | ||||
| CVE-2019-13917 | 2 Debian, Exim | 2 Debian Linux, Exim | 2024-08-05 | N/A |
| Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). | ||||
| CVE-2019-13624 | 1 Onosproject | 1 Onos | 2024-08-04 | N/A |
| In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command. | ||||
| CVE-2019-12828 | 1 Ea | 1 Origin | 2024-08-04 | N/A |
| An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share. | ||||
| CVE-2019-11070 | 3 Redhat, Webkitgtk, Wpewebkit | 3 Enterprise Linux, Webkitgtk, Wpe Webkit | 2024-08-04 | N/A |
| WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. | ||||
| CVE-2019-10477 | 2 Fusioninventory, Glpi-project | 2 Fusioninventory, Glpi | 2024-08-04 | N/A |
| The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions. | ||||
| CVE-2019-9870 | 1 Oembed Project | 1 Oembed | 2024-08-04 | N/A |
| plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements. | ||||
| CVE-2019-9673 | 1 Freenetproject | 1 Freenet | 2024-08-04 | N/A |
| Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. | ||||
| CVE-2019-9573 | 1 Mishubd | 1 Wp Human Resource Management | 2024-08-04 | N/A |
| The WP Human Resource Management plugin before 2.2.6 for WordPress mishandles leave applications. | ||||
| CVE-2019-9563 | 1 Bluemind | 1 Bluemind | 2024-08-04 | N/A |
| In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the contact application mishandles temporary uploads. | ||||
| CVE-2019-3554 | 1 Facebook | 1 Wangle | 2024-08-04 | N/A |
| Wangle's AcceptRoutingHandler incorrectly casts a socket when accepting a TLS 1.3 connection, leading to a potential denial of service attack against systems accepting such connections. This affects versions of Wangle prior to v2019.01.14.00 | ||||
| CVE-2019-1083 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2024-08-04 | N/A |
| A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. | ||||
| CVE-2019-0982 | 1 Microsoft | 1 Asp.net Core | 2024-08-04 | N/A |
| A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | ||||
| CVE-2019-0981 | 2 Microsoft, Redhat | 12 .net Core, .net Framework, Windows 10 and 9 more | 2024-08-04 | N/A |
| A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980. | ||||
| CVE-2019-0980 | 2 Microsoft, Redhat | 12 .net Core, .net Framework, Windows 10 and 9 more | 2024-08-04 | N/A |
| A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981. | ||||
| CVE-2019-0945 | 1 Microsoft | 2 Office, Office 365 | 2024-08-04 | N/A |
| A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0946, CVE-2019-0947. | ||||
| CVE-2019-0946 | 1 Microsoft | 2 Office, Office 365 Proplus | 2024-08-04 | N/A |
| A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0945, CVE-2019-0947. | ||||
| CVE-2019-0947 | 1 Microsoft | 1 Office | 2024-08-04 | N/A |
| A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0945, CVE-2019-0946. | ||||