Export limit exceeded: 10068 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10050 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10050 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-6291 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. | ||||
| CVE-2019-6290 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file. | ||||
| CVE-2019-6230 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox. | ||||
| CVE-2019-6208 | 1 Apple | 3 Iphone Os, Mac Os X, Tv Os | 2024-11-21 | N/A |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes. | ||||
| CVE-2019-6194 | 1 Lenovo | 1 Xclarity Administrator | 2024-11-21 | 5.7 Medium |
| An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow information disclosure. | ||||
| CVE-2019-6190 | 1 Lenovo | 364 510-15ikl, 510-15ikl Firmware, 510s-08ikl and 361 more | 2024-11-21 | 5 Medium |
| Lenovo was notified of a potential denial of service vulnerability, affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation, that could cause PCRs to be cleared intermittently after resuming from sleep (S3) on systems with Intel TXT enabled. | ||||
| CVE-2019-6179 | 1 Lenovo | 2 Xclarity Administrator, Xclarity Integrator | 2024-11-21 | 7.5 High |
| An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior to version 6.1.0 that could allow information disclosure. | ||||
| CVE-2019-6156 | 1 Lenovo | 354 330-14igm, 330-14igm Firmware, 330-15igm and 351 more | 2024-11-21 | N/A |
| In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). Lenovo was notified that after resuming from S3 sleep mode in various versions of BIOS for Lenovo systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected. | ||||
| CVE-2019-6133 | 4 Canonical, Debian, Polkit Project and 1 more | 12 Ubuntu Linux, Debian Linux, Polkit and 9 more | 2024-11-21 | N/A |
| In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. | ||||
| CVE-2019-6131 | 1 Artifex | 1 Mupdf | 2024-11-21 | N/A |
| svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. | ||||
| CVE-2019-6035 | 1 Yahoo | 1 Athenz | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. | ||||
| CVE-2019-6025 | 1 Sixapart | 1 Movable Type | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in Movable Type series Movable Type 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Advanced 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type Advanced 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type Advanced 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Premium 1.24 and earlier (Movable Type Premium), and Movable Type Premium (Advanced Edition) 1.24 and earlier (Movable Type Premium) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | ||||
| CVE-2019-6021 | 1 Ricoh | 1 Limedio | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | ||||
| CVE-2019-6020 | 1 Alfasado | 1 Powercms | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | ||||
| CVE-2019-6009 | 1 Ss-proj | 1 Shirasagi | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in SHIRASAGI v1.7.0 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2019-6004 | 1 Fujixerox | 2 Apeosware Management Suite, Apeosware Management Suite 2 | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2019-5978 | 1 Cybozu | 1 Garoon | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the application 'Scheduler'. | ||||
| CVE-2019-5969 | 1 Weseek | 1 Growi | 2024-11-21 | N/A |
| Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote attackersto redirect users to arbitrary web sites and conduct phishing attacks via the process of login. | ||||
| CVE-2019-5966 | 1 Joruri | 1 Joruri Mail | 2024-11-21 | N/A |
| Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors. | ||||
| CVE-2019-5965 | 1 Joruri | 1 Joruri Mail | 2024-11-21 | N/A |
| Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||