Export limit exceeded: 363285 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363285 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16746 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | ||||
| CVE-2019-16745 | 1 Ebrigade | 1 Ebrigade | 2024-11-21 | 8.8 High |
| eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection. | ||||
| CVE-2019-16744 | 1 Ebrigade | 1 Ebrigade | 2024-11-21 | 8.8 High |
| eBrigade before 5.0 has evenements.php cid SQL Injection. | ||||
| CVE-2019-16743 | 1 Ebrigade | 1 Ebrigade | 2024-11-21 | 8.8 High |
| eBrigade before 5.0 has evenement_ical.php evenement SQL Injection. | ||||
| CVE-2019-16737 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
| The processCommandSetMac() function of libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | ||||
| CVE-2019-16736 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | ||||
| CVE-2019-16735 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user. | ||||
| CVE-2019-16734 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
| Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | ||||
| CVE-2019-16733 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
| processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | ||||
| CVE-2019-16732 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 8.1 High |
| Unencrypted HTTP communications for firmware upgrades in Petalk AI and PF-103 allow man-in-the-middle attackers to run arbitrary code as the root user. | ||||
| CVE-2019-16731 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 7.5 High |
| The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to initiate firmware upgrades and alter device settings. | ||||
| CVE-2019-16730 | 2 Petwant, Skymee | 4 Pf-103, Pf-103 Firmware, Petalk Ai and 1 more | 2024-11-21 | 9.8 Critical |
| processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user. | ||||
| CVE-2019-16729 | 3 Canonical, Debian, Pam-python Project | 3 Ubuntu Linux, Debian Linux, Pam-python | 2024-11-21 | 7.8 High |
| pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. | ||||
| CVE-2019-16728 | 2 Cure53, Debian | 2 Dompurify, Debian Linux | 2024-11-21 | 6.1 Medium |
| DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari. | ||||
| CVE-2019-16725 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 6.1 Medium |
| In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates. | ||||
| CVE-2019-16724 | 1 Upredsun | 1 File Sharing Wizard | 2024-11-21 | 9.8 Critical |
| File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331. | ||||
| CVE-2019-16723 | 1 Cacti | 1 Cacti | 2024-11-21 | 4.3 Medium |
| In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter. | ||||
| CVE-2019-16722 | 1 Zzzcms | 1 Zzzphp | 2024-11-21 | 9.8 Critical |
| ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against PHP Code Execution, because passthru bypasses an str_ireplace operation. | ||||
| CVE-2019-16721 | 1 5none | 1 Nonecms | 2024-11-21 | 6.5 Medium |
| NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user. | ||||
| CVE-2019-16720 | 1 Zzzcms | 1 Zzzphp | 2024-11-21 | 7.5 High |
| ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file. | ||||