| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c. |
| Various Lexmark products have Incorrect Access Control (issue 2 of 2). |
| Various Lexmark products have Incorrect Access Control (issue 1 of 2). |
| Various Lexmark products have a Buffer Overflow (issue 3 of 3). |
| Various Lexmark products have a Buffer Overflow (issue 2 of 3). |
| Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. |
| Various Lexmark products have an Integer Overflow. |
| Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. |
| GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. |
| Caret before 2019-02-22 allows Remote Code Execution. |
| An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability. |
| S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter. |
| rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. |
| An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files. |
| An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user. |
| An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user. |
| An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS. |
| An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database. |
| ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding. |
| GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter. |
