Search Results (83230 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-17351 2 Linux, Xen 2 Linux Kernel, Xen 2024-11-21 6.5 Medium
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.
CVE-2019-17338 1 Tibco 1 Patterns - Search 2024-11-21 5.4 Medium
The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Patterns - Search: versions 5.4.0 and below.
CVE-2019-17337 1 Tibco 2 Spotfire Analytics Platform For Aws, Spotfire Server 2024-11-21 5.4 Medium
The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting (XSS) attack. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 10.6.0 and TIBCO Spotfire Server: versions 7.11.7 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.3.0, 10.3.1, 10.3.2, 10.3.3, and 10.3.4, versions 10.4.0, 10.5.0, and 10.6.0.
CVE-2019-17333 1 Tibco 1 Ebx 2024-11-21 5.4 Medium
The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.1.fixS and below, versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, and 5.9.7.
CVE-2019-17332 1 Tibco 1 Ebx Add-ons 2024-11-21 5.4 Medium
The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2.
CVE-2019-17331 1 Tibco 1 Ebx Add-ons 2024-11-21 5.4 Medium
The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0.
CVE-2019-17330 1 Tibco 1 Ebx 2024-11-21 9.6 Critical
The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that theoretically allow authenticated users to perform stored cross-site scripting (XSS) attacks, and unauthenticated users to perform reflected cross-site scripting attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions up to and including 5.8.1.fixR, versions 5.9.3, 5.9.4, 5.9.5, and 5.9.6.
CVE-2019-17276 1 Netapp 1 Oncommand System Manager 2024-11-21 5.4 Medium
OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated attacker to inject arbitrary scripts into the SNMP Community Names label field.
CVE-2019-17270 1 Yachtcontrol 1 Yachtcontrol 2024-11-21 9.8 Critical
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's.
CVE-2019-17269 1 Intelliantech 1 Remote Access 2024-11-21 9.8 Critical
Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the Ping Test field.
CVE-2019-17262 1 Xnview 1 Xnview 2024-11-21 7.8 High
XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0.
CVE-2019-17261 1 Xnview 1 Xnview 2024-11-21 7.8 High
XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51.
CVE-2019-17259 1 Kmplayer 1 Kmplayer 2024-11-21 7.8 High
KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee.
CVE-2019-17258 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c.
CVE-2019-17257 1 Irfanview 1 Irfanview 2024-11-21 5.5 Medium
IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starting at EXR!ReadEXR+0x000000000002af80.
CVE-2019-17256 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203.
CVE-2019-17255 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836.
CVE-2019-17254 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at FORMATS!Read_BadPNG+0x0000000000000101.
CVE-2019-17253 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x000000000000a6b8.
CVE-2019-17252 1 Irfanview 1 Irfanview 2024-11-21 7.8 High
IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_BadPNG+0x0000000000000115.