Export limit exceeded: 19322 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19322 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13706 | 3 Google, Opensuse, Redhat | 3 Chrome, Backports Sle, Rhel Extras | 2024-11-21 | 7.8 High |
| Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2019-13700 | 3 Google, Opensuse, Redhat | 3 Chrome, Backports Sle, Rhel Extras | 2024-11-21 | 8.8 High |
| Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-13698 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-13670 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 6.5 Medium |
| Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-13653 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-11-21 | 9.8 Critical |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). | ||||
| CVE-2019-13652 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-11-21 | 9.8 Critical |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). | ||||
| CVE-2019-13651 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-11-21 | 9.8 Critical |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). | ||||
| CVE-2019-13650 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-11-21 | 9.8 Critical |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). | ||||
| CVE-2019-13649 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-11-21 | 9.8 Critical |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). | ||||
| CVE-2019-13640 | 1 Qbittorrent | 1 Qbittorrent | 2024-11-21 | N/A |
| In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed. | ||||
| CVE-2019-13638 | 3 Debian, Gnu, Redhat | 7 Debian Linux, Patch, Enterprise Linux and 4 more | 2024-11-21 | N/A |
| GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. | ||||
| CVE-2019-13631 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
| In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. | ||||
| CVE-2019-13616 | 6 Canonical, Debian, Fedoraproject and 3 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2024-11-21 | 8.1 High |
| SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | ||||
| CVE-2019-13614 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2024-11-21 | N/A |
| CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | ||||
| CVE-2019-13613 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2024-11-21 | N/A |
| CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | ||||
| CVE-2019-13602 | 4 Canonical, Debian, Opensuse and 1 more | 5 Ubuntu Linux, Debian Linux, Backports Sle and 2 more | 2024-11-21 | 7.8 High |
| An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. | ||||
| CVE-2019-13598 | 1 Getvera | 2 Vera Edge, Vera Edge Firmware | 2024-11-21 | N/A |
| LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped. | ||||
| CVE-2019-13597 | 1 Sahipro | 1 Sahi Pro | 2024-11-21 | N/A |
| _s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possible to execute commands on the server using the _execute() function. | ||||
| CVE-2019-13585 | 1 Fanucamerica | 1 Robotics Virtual Robot Controller | 2024-11-21 | 9.8 Critical |
| The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 has a Buffer Overflow via a forged HTTP request. | ||||
| CVE-2019-13582 | 1 Marvell | 2 88w8688, 88w8688 Firmware | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution. | ||||