CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-6296 Sql 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.
2 CVE-2019-6295 Sql 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.php service_id parameter.
3 CVE-2019-6294 CSRF 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI.
4 CVE-2019-6293 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.
5 CVE-2019-6292 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.
6 CVE-2019-6291 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
7 CVE-2019-6290 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
8 CVE-2019-6289 Exec Code 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename.
9 CVE-2019-6286 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
10 CVE-2019-6285 DoS 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
11 CVE-2019-6284 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.
12 CVE-2019-6283 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.
13 CVE-2019-6278 XSS 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option.
14 CVE-2019-6267 XSS 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI.
15 CVE-2019-6259 Sql 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL Injection via the app/article/article.admincp.php _data_id parameter.
16 CVE-2019-6257 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.php.
17 CVE-2019-6256 DoS 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.
18 CVE-2019-6251 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows address bar spoofing because a page load triggered by JavaScript leads to updating an address as if it were triggered by a safer visit type (e.g., VISIT_LINK, VISIT_TYPED, VISIT_BOOKMARK, or VISIT_HOMEPAGE). This is similar to the CVE-2018-8383 issue in Microsoft Edge.
19 CVE-2019-6250 Exec Code Overflow 2019-01-13 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is not necessary to use a typical buffer-overflow exploitation technique that changes the flow of control).
20 CVE-2019-6249 CSRF 2019-01-13 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.
21 CVE-2019-6248 XSS 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php.
22 CVE-2019-6247 Exec Code Overflow 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap.
23 CVE-2019-6246 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the gil::get_color function in Generic Image Library in Boost, the return code is used as an address, leading to an Access Violation because of an out-of-bounds read.
24 CVE-2019-6245 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.
25 CVE-2019-6244 Exec Code CSRF 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file.
26 CVE-2019-6243 XSS 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI).
27 CVE-2019-6138 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as demonstrated by iec61850_9_2_LE_example.c.
28 CVE-2019-6137 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference.
29 CVE-2019-6136 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.
30 CVE-2019-6135 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.
31 CVE-2019-6133 Bypass 2019-01-11 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
32 CVE-2019-6132 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4_EsdsAtom class in Core/Ap4EsdsAtom.cpp, as demonstrated by mp42aac.
33 CVE-2019-6131 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
34 CVE-2019-6130 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
35 CVE-2019-6129 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp.
36 CVE-2019-6128 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
37 CVE-2019-6127 Exec Code Sql 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename.
38 CVE-2019-6126 Bypass 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.php, as demonstrated by disclosure of information about users and staff.
39 CVE-2019-5893 Sql 2019-01-10 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
40 CVE-2019-5892 DoS 2019-01-10 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used for Virtual Network Control, allows remote attackers to cause a denial of service (peering session flap) via attribute 255 in a BGP UPDATE packet. This occurred during Disco in January 2019 because FRR does not implement RFC 7606, and therefore the packets with 255 were considered invalid VNC data and the BGP session was closed.
41 CVE-2019-5887 Dir. Trav. 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in ShopXO 1.2.0. In the UnlinkDir method of the FileUtil.php file, the input parameters are not checked, resulting in input mishandling by the rmdir method. Attackers can delete arbitrary files by using "../" directory traversal.
42 CVE-2019-5886 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. The attacker can write arbitrary code to database.php during system reinstallation.
43 CVE-2019-5884 +Info 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set.
44 CVE-2019-5882 2019-01-09 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.
45 CVE-2019-5748 2019-01-09 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks.
46 CVE-2019-5747 +Info 2019-01-09 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.
47 CVE-2019-5725 2019-01-08 2019-01-08
0.0
None ??? ??? ??? ??? ??? ???
qibosoft through V7 allows remote attackers to read arbitrary files via the member/index.php main parameter, as demonstrated by SSRF to a URL on the same web site to read a .sql file.
48 CVE-2019-5720 Sql 2019-01-08 2019-01-08
0.0
None ??? ??? ??? ??? ??? ???
includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the void_transaction.php filterType parameter.
49 CVE-2019-5489 2019-01-07 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
50 CVE-2019-5488 Sql 2019-01-07 2019-01-07
0.0
None ??? ??? ??? ??? ??? ???
EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS database.
Total number of vulnerabilities : 6333   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.