Search Results (83478 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-8938 1 Vertrigoserv Project 1 Vertrigoserv 2024-11-21 N/A
VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter.
CVE-2019-8937 1 Digitaldruid 1 Hoteldruid 2024-11-21 N/A
HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.
CVE-2019-8935 1 O-dyn 1 Collabtive 2024-11-21 N/A
Collabtive 3.1 allows XSS via the manageuser.php?action=profile id parameter.
CVE-2019-8929 1 Zohocorp 1 Manageengine Netflow Analyzer 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype.
CVE-2019-8928 1 Zohocorp 1 Manageengine Netflow Analyzer 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
CVE-2019-8927 1 Zohocorp 1 Manageengine Netflow Analyzer 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11.
CVE-2019-8926 1 Zohocorp 1 Manageengine Netflow Analyzer 2024-11-21 N/A
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource.
CVE-2019-8924 1 Apachefriends 1 Xampp 2024-11-21 N/A
XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter. NOTE: This product is discontinued.
CVE-2019-8920 1 Apachefriends 1 Xampp 2024-11-21 N/A
iart.php in XAMPP 1.7.0 has XSS, a related issue to CVE-2008-3569.
CVE-2019-8911 1 Wtcms Project 1 Wtcms 2024-11-21 N/A
An issue was discovered in WTCMS 1.0. It has stored XSS via the third text box (for the website statistics code).
CVE-2019-8908 1 Wtcms Project 1 Wtcms 2024-11-21 N/A
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/gif" header.
CVE-2019-8907 4 Canonical, Debian, File Project and 1 more 4 Ubuntu Linux, Debian Linux, File and 1 more 2024-11-21 N/A
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
CVE-2019-8852 1 Apple 1 Mac Os X 2024-11-21 7.8 High
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.
CVE-2019-8847 1 Apple 1 Mac Os X 2024-11-21 7.8 High
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.
CVE-2019-8844 2 Apple, Redhat 11 Icloud, Ipados, Iphone Os and 8 more 2024-11-21 8.8 High
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8838 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 7.8 High
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges.
CVE-2019-8836 1 Apple 4 Ipados, Iphone Os, Tvos and 1 more 2024-11-21 7.8 High
A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.
CVE-2019-8835 2 Apple, Redhat 10 Icloud, Ipados, Iphone Os and 7 more 2024-11-21 8.8 High
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8833 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 7.8 High
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges.
CVE-2019-8832 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 7.8 High
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with system privileges.