Export limit exceeded: 19334 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19334 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19948 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-11-21 | 9.8 Critical |
| In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | ||||
| CVE-2019-19943 | 1 Pablosoftwaresolutions | 1 Quick \'n Easy Web Server | 2024-11-21 | 7.5 High |
| The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free. | ||||
| CVE-2019-19940 | 1 Swisscom | 2 Centro Grande, Centro Grande Firmware | 2024-11-21 | 7.2 High |
| Incorrect input sanitation in text-oriented user interfaces (telnet, ssh) in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection. | ||||
| CVE-2019-19931 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 8.8 High |
| In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. | ||||
| CVE-2019-19920 | 3 Canonical, Debian, Sa-exim Project | 3 Ubuntu Linux, Debian Linux, Sa-exim | 2024-11-21 | 8.8 High |
| sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805. | ||||
| CVE-2019-19918 | 3 Fedoraproject, Lout Project, Opensuse | 4 Fedora, Lout, Backports Sle and 1 more | 2024-11-21 | 7.8 High |
| Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | ||||
| CVE-2019-19906 | 8 Apache, Apple, Canonical and 5 more | 20 Bookkeeper, Ipados, Iphone Os and 17 more | 2024-11-21 | 7.5 High |
| cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl. | ||||
| CVE-2019-19897 | 1 Ixpdata | 1 Easyinstall | 2024-11-21 | 9.8 Critical |
| In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT AUTHORITY\SYSTEM context of the target system by using the Execute Command Line function. | ||||
| CVE-2019-19847 | 1 Libspiro Project | 1 Libspiro | 2024-11-21 | 8.1 High |
| Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. | ||||
| CVE-2019-19842 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2024-11-21 | 9.8 Critical |
| emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute. | ||||
| CVE-2019-19841 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2024-11-21 | 9.8 Critical |
| emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute. | ||||
| CVE-2019-19840 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2024-11-21 | 9.8 Critical |
| A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request. | ||||
| CVE-2019-19839 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2024-11-21 | 9.8 Critical |
| emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute. | ||||
| CVE-2019-19838 | 1 Ruckuswireless | 17 C110, E510, H320 and 14 more | 2024-11-21 | 9.8 Critical |
| emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute. | ||||
| CVE-2019-19824 | 1 Totolink | 17 A3002ru, A3002ru Firmware, A702r and 14 more | 2024-11-21 | 8.8 High |
| On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, N100RE through 3.4.0, and N302RE 2.0.2. | ||||
| CVE-2019-19816 | 4 Canonical, Debian, Linux and 1 more | 18 Ubuntu Linux, Debian Linux, Linux Kernel and 15 more | 2024-11-21 | 7.8 High |
| In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled. | ||||
| CVE-2019-19814 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this. | ||||
| CVE-2019-19797 | 3 Debian, Fedoraproject, Xfig Project | 3 Debian Linux, Fedora, Fig2dev | 2024-11-21 | 5.5 Medium |
| read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | ||||
| CVE-2019-19796 | 1 Yabasic | 1 Yabasic | 2024-11-21 | 7.8 High |
| Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file. | ||||
| CVE-2019-19795 | 1 Samurai Project | 1 Samurai | 2024-11-21 | 7.8 High |
| samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file. | ||||