Export limit exceeded: 335868 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19321 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-12987 | 1 Citrix | 2 Netscaler Sd-wan, Sd-wan | 2024-11-21 | N/A |
| Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). | ||||
| CVE-2019-12986 | 1 Citrix | 2 Netscaler Sd-wan, Sd-wan | 2024-11-21 | N/A |
| Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). | ||||
| CVE-2019-12985 | 1 Citrix | 2 Netscaler Sd-wan, Sd-wan | 2024-11-21 | N/A |
| Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). | ||||
| CVE-2019-12951 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An issue was discovered in Mongoose before 6.15. The parse_mqtt() function in mg_mqtt.c has a critical heap-based buffer overflow. | ||||
| CVE-2019-12937 | 1 Toaruos Project | 1 Toaruos | 2024-11-21 | N/A |
| apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable. | ||||
| CVE-2019-12929 | 1 Qemu | 1 Qemu | 2024-11-21 | N/A |
| The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue | ||||
| CVE-2019-12928 | 1 Qemu | 1 Qemu | 2024-11-21 | N/A |
| The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue | ||||
| CVE-2019-12899 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | N/A |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at ntdll!RtlQueueWorkItem+0x00000000000005e3. | ||||
| CVE-2019-12898 | 1 Deltaww | 1 Devicenet Builder | 2024-11-21 | N/A |
| Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e. | ||||
| CVE-2019-12896 | 1 Edrawsoft | 1 Edraw Max | 2024-11-21 | N/A |
| Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a77. | ||||
| CVE-2019-12895 | 1 Alternate-tools | 1 Alternate Pic View | 2024-11-21 | N/A |
| In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d. | ||||
| CVE-2019-12893 | 1 Alternate-tools | 1 Alternate Pic View | 2024-11-21 | N/A |
| Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewer!PerfgrapFinalize+0x00000000000a8868. | ||||
| CVE-2019-12840 | 1 Webmin | 1 Webmin | 2024-11-21 | N/A |
| In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi. | ||||
| CVE-2019-12839 | 1 Orangehrm | 1 Orangehrm | 2024-11-21 | N/A |
| In OrangeHRM 4.3.1 and before, there is an input validation error within admin/listMailConfiguration (txtSendmailPath parameter) that allows authenticated attackers to achieve arbitrary command execution. | ||||
| CVE-2019-12835 | 1 Leanify Project | 1 Leanify | 2024-11-21 | N/A |
| formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping. | ||||
| CVE-2019-12829 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| radare2 through 3.5.1 mishandles the RParse API, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, as demonstrated by newstr buffer overflows during replace operations. This affects libr/asm/asm.c and libr/parse/parse.c. | ||||
| CVE-2019-12827 | 1 Digium | 2 Asterisk, Certified Asterisk | 2024-11-21 | N/A |
| Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message. | ||||
| CVE-2019-12817 | 6 Canonical, Debian, Fedoraproject and 3 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2024-11-21 | 7.0 High |
| arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected. | ||||
| CVE-2019-12812 | 2 Activesoft, Microsoft | 2 Mybuilder, Windows | 2024-11-21 | 9.8 Critical |
| MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbitrary command via specifically crafted configuration file. This can be leveraged for code execution. | ||||
| CVE-2019-12811 | 2 Activesoft, Microsoft | 2 Mybuilder, Windows | 2024-11-21 | 9.8 Critical |
| ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution | ||||