Export limit exceeded: 75899 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75899 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19382 | 1 Maxpcsecure | 1 Anti Virus Plus | 2024-11-21 | 7.8 High |
| Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation. | ||||
| CVE-2019-19378 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c. | ||||
| CVE-2019-19377 | 2 Linux, Netapp | 5 Linux Kernel, Active Iq Unified Manager, Cloud Backup and 2 more | 2024-11-21 | 7.8 High |
| In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. | ||||
| CVE-2019-19373 | 1 Squiz | 1 Matrix | 2024-11-21 | 7.5 High |
| An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST parameter during processing of a Remote Content page type. This unserialization can be used to trigger the inclusion of arbitrary files on the filesystem (local file inclusion), and results in remote code execution. | ||||
| CVE-2019-19372 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 7.5 High |
| A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. NOTE: the discoverer later reported that there was not a "fully working exploit. | ||||
| CVE-2019-19364 | 1 Sony | 2 Catalyst Browse, Catalyst Production Suite | 2024-11-21 | 7.8 High |
| A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges. | ||||
| CVE-2019-19363 | 1 Ricoh | 8 Generic Pcl5 Driver, Pc Fax Generic Driver, Pcl6 \(pcl Xl\) Driver and 5 more | 2024-11-21 | 7.8 High |
| An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version | ||||
| CVE-2019-19355 | 1 Redhat | 1 Openshift | 2024-11-21 | 7 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4. | ||||
| CVE-2019-19354 | 1 Redhat | 3 Enterprise Linux, Openshift, Openshift Container Platform | 2024-11-21 | 7.8 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19353 | 1 Redhat | 1 Openshift Container Platform | 2024-11-21 | 7.0 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hive as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19352 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2024-11-21 | 7.0 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/presto as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19351 | 1 Redhat | 1 Openshift | 2024-11-21 | 7 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/jenkins-slave-base-rhel7-containera as shipped in Openshift 4 and 3.11. | ||||
| CVE-2019-19350 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.8 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19349 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.8 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the container operator-framework/operator-metering as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19348 | 1 Redhat | 1 Openshift | 2024-11-21 | 7 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19346 | 1 Redhat | 1 Openshift | 2024-11-21 | 7 High |
| An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19345 | 1 Redhat | 1 Openshift | 2024-11-21 | 7 High |
| A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediawiki-apb. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2019-19343 | 2 Netapp, Redhat | 6 Active Iq Unified Manager, Jboss-remoting, Jboss Enterprise Application Platform and 3 more | 2024-11-21 | 7.5 High |
| A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable. | ||||
| CVE-2019-19340 | 1 Redhat | 2 Ansible Tower, Enterprise Linux | 2024-11-21 | 8.2 High |
| A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system. | ||||
| CVE-2019-19331 | 2 Debian, Nic | 2 Debian Linux, Knot Resolver | 2024-11-21 | 7.5 High |
| knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB). | ||||