Export limit exceeded: 338378 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 338378 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 76014 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76014 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5436 | 8 Debian, F5, Fedoraproject and 5 more | 15 Debian Linux, Traffix Signaling Delivery Controller, Fedora and 12 more | 2024-11-21 | 7.8 High |
| A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | ||||
| CVE-2019-5432 | 1 Mqtt-packet Project | 1 Mqtt-packet | 2024-11-21 | 7.5 High |
| A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding. | ||||
| CVE-2019-5429 | 3 Debian, Fedoraproject, Filezilla-project | 3 Debian Linux, Fedora, Filezilla Client | 2024-11-21 | 7.8 High |
| Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory. | ||||
| CVE-2019-5424 | 1 Ui | 1 Edgeswitch X | 2024-11-21 | 8.8 High |
| In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root user. | ||||
| CVE-2019-5419 | 5 Debian, Fedoraproject, Opensuse and 2 more | 8 Debian Linux, Fedora, Leap and 5 more | 2024-11-21 | 7.5 High |
| There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. | ||||
| CVE-2019-5415 | 1 Zeit | 1 Serve | 2024-11-21 | 7.5 High |
| A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to. | ||||
| CVE-2019-5326 | 1 Arubanetworks | 1 Airwave | 2024-11-21 | 7.2 High |
| An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component. | ||||
| CVE-2019-5323 | 1 Arubanetworks | 1 Airwave | 2024-11-21 | 7.2 High |
| There are command injection vulnerabilities present in the AirWave application. Certain input fields controlled by an administrative user are not properly sanitized before being parsed by AirWave. If conditions are met, an attacker can obtain command execution on the host. | ||||
| CVE-2019-5322 | 1 Arubanetworks | 14 2530 10\/100 Port, 2530 10\/100 Port Firmware, 2530 With Gigt Port and 11 more | 2024-11-21 | 7.5 High |
| A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions. | ||||
| CVE-2019-5321 | 1 Arubanetworks | 12 2530, 2530 Firmware, 2540 and 9 more | 2024-11-21 | 8.8 High |
| Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, 16.10.* before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI. | ||||
| CVE-2019-5315 | 1 Arubanetworks | 1 Arubaos | 2024-11-21 | 7.2 High |
| A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. This vulnerability only affects ArubaOS 8.x. | ||||
| CVE-2019-5304 | 1 Huawei | 52 Ar120-s, Ar120-s Firmware, Ar1200 and 49 more | 2024-11-21 | 7.5 High |
| Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. | ||||
| CVE-2019-5294 | 1 Huawei | 32 Ar120-s, Ar120-s Firmware, Ar1200 and 29 more | 2024-11-21 | 7.5 High |
| There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal. | ||||
| CVE-2019-5289 | 1 Huawei | 1 Manageone | 2024-11-21 | 7.5 High |
| Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node. | ||||
| CVE-2019-5288 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 7.8 High |
| P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution. | ||||
| CVE-2019-5287 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 7.8 High |
| P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution. | ||||
| CVE-2019-5282 | 1 Huawei | 14 Emily-al00a, Emily-al00a Firmware, Emily-l09c and 11 more | 2024-11-21 | 7.8 High |
| Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution. | ||||
| CVE-2019-5277 | 1 Huawei | 2 Cloudusm-eua, Cloudusm-eua Firmware | 2024-11-21 | 7.5 High |
| Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation. | ||||
| CVE-2019-5276 | 1 Huawei | 2 Elle-al00b, Elle-al00b Firmware | 2024-11-21 | 8.8 High |
| Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. | ||||
| CVE-2019-5275 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-11-21 | 7.5 High |
| USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products. | ||||