Search Results (83388 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-6263 1 Joomla 1 Joomla\! 2024-11-21 N/A
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.
CVE-2019-6262 1 Joomla 1 Joomla\! 2024-11-21 N/A
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS.
CVE-2019-6261 1 Joomla 1 Joomla\! 2024-11-21 N/A
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in com_contact leads to a stored XSS vulnerability.
CVE-2019-6256 2 Debian, Live555 2 Debian Linux, Live555 Media Server 2024-11-21 N/A
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.
CVE-2019-6248 1 Citysearch \/ Hotfrog \/ Gelbeseiten Clone Script Project 1 Citysearch \/ Hotfrog \/ Gelbeseiten Clone Script 2024-11-21 N/A
PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php.
CVE-2019-6247 2 Antigrain, Svgpp 2 Agg, Svgpp 2024-11-21 N/A
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap.
CVE-2019-6245 3 Antigrain, Debian, Svgpp 3 Agg, Debian Linux, Svgpp 2024-11-21 8.8 High
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.
CVE-2019-6243 1 Frog Cms Project 1 Frog Cms 2024-11-21 N/A
Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI).
CVE-2019-6237 2 Apple, Redhat 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 8.8 High
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6235 1 Apple 5 Iphone Os, Itunes, Mac Os X and 2 more 2024-11-21 N/A
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2019-6234 3 Apple, Microsoft, Webkitgtk 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 N/A
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6233 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 N/A
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6229 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 N/A
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2019-6228 1 Apple 2 Iphone Os, Safari 2024-11-21 N/A
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue is fixed in iOS 12.1.3, Safari 12.0.3. Processing maliciously crafted web content may lead to a cross site scripting attack.
CVE-2019-6227 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 N/A
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6226 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 N/A
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6225 1 Apple 3 Iphone Os, Mac Os X, Tvos 2024-11-21 N/A
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges.
CVE-2019-6218 1 Apple 3 Iphone Os, Mac Os X, Tvos 2024-11-21 N/A
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.
CVE-2019-6217 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 N/A
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6216 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 N/A
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.