CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4651 CVE-2019-9348 20 DoS 2019-09-27 2019-09-30
7.1
None Remote Medium Not required None None Complete
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128431761
4652 CVE-2019-9345 2019-09-06 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
In the Android kernel in sdcardfs there is a possible violation of the separation of data between profiles due to shared mapping of obb files. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
4653 CVE-2019-9301 787 Exec Code Overflow 2019-09-27 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663384
4654 CVE-2019-9275 416 2019-09-06 2019-09-09
7.5
None Remote Low Not required Partial Partial Partial
In the Android kernel in the mnh driver there is a use after free due to improper locking. This could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
4655 CVE-2019-9266 787 2019-09-27 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
In sensorservice, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-119501435
4656 CVE-2019-9259 787 2019-09-27 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113575306
4657 CVE-2019-9254 20 Exec Code 2019-09-05 2019-09-06
7.2
None Local Low Not required Complete Complete Complete
In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
4658 CVE-2019-9227 94 Exec Code 2019-02-28 2019-02-28
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file.
4659 CVE-2019-9218 2019-05-29 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 1 of 5).
4660 CVE-2019-9217 2019-04-17 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. Its User Interface has a Misrepresentation of Critical Information.
4661 CVE-2019-9215 20 2019-02-28 2020-07-07
7.5
None Remote Low Not required Partial Partial Partial
In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
4662 CVE-2019-9212 184 Exec Code 2019-02-27 2020-02-10
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because blacklisting of com.caucho.naming.QName and com.sun.org.apache.xpath.internal.objects.XString is mishandled, related to Resin Gadget. NOTE: The vendor doesn’t consider this issue a vulnerability because the blacklist is being misused. SOFA Hessian supports custom blacklist and a disclaimer was posted encouraging users to update the blacklist or to use the whitelist feature for their specific needs since the blacklist is not being actively updated.
4663 CVE-2019-9204 89 Exec Code Sql 2019-03-28 2019-04-15
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands.
4664 CVE-2019-9203 Bypass 2019-03-28 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.
4665 CVE-2019-9195 22 Exec Code Dir. Trav. 2019-02-26 2020-01-28
7.5
None Remote Low Not required Partial Partial Partial
util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive.
4666 CVE-2019-9194 78 2019-02-26 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
4667 CVE-2019-9186 20 Exec Code 2019-07-03 2019-07-10
7.5
None Remote Low Not required Partial Partial Partial
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface). This issue has been fixed in the following versions: 2019.1, 2018.3.4, 2018.2.8, 2018.1.8, and 2017.3.7.
4668 CVE-2019-9184 89 Exec Code Sql 2019-02-26 2019-04-25
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.
4669 CVE-2019-9177 400 2019-05-29 2019-05-29
7.8
None Remote Low Not required None None Complete
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows Uncontrolled Resource Consumption (issue 2 of 2).
4670 CVE-2019-9174 918 2019-04-17 2019-04-17
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows SSRF.
4671 CVE-2019-9169 125 2019-02-26 2020-07-09
7.5
None Remote Low Not required Partial Partial Partial
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
4672 CVE-2019-9166 732 2019-03-28 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to root via write access to config.inc.php and import_xiconfig.php.
4673 CVE-2019-9165 89 Exec Code Sql 2019-03-28 2019-04-15
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id.
4674 CVE-2019-9163 94 Exec Code 2020-04-01 2020-04-03
7.5
None Remote Low Not required Partial Partial Partial
The connection initiation process in March Networks Command Client before 2.7.2 allows remote attackers to execute arbitrary code via crafted XAML objects.
4675 CVE-2019-9146 2019-02-25 2020-08-24
7.9
None Local Network Medium Not required Complete Complete Complete
Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream.
4676 CVE-2019-9141 20 Exec Code 2019-08-02 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
ZInsVX.dll ActiveX Control 2018.02 and earlier in Zoneplayer contains a vulnerability that could allow remote attackers to execute arbitrary files by setting the arguments to the ActiveX method. This can be leveraged for remote code execution.
4677 CVE-2019-9134 787 Exec Code Overflow 2019-04-09 2020-10-22
7.5
None Remote Low Not required Partial Partial Partial
Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code.
4678 CVE-2019-9125 787 Overflow 2019-02-25 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header.
4679 CVE-2019-9124 287 2019-02-25 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on D-Link DIR-878 1.12B01 devices. At the /HNAP1 URI, an attacker can log in with a blank password.
4680 CVE-2019-9123 521 2019-02-25 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The "user" account has a blank password.
4681 CVE-2019-9115 20 Exec Code 2019-02-25 2019-02-25
7.5
None Remote Low Not required Partial Partial Partial
In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file allows code execution because of unsafe eval usage.
4682 CVE-2019-9112 190 Overflow 2019-02-25 2019-02-26
7.1
None Remote Medium Not required None None Complete
The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in _sde_debugfs_conn_cmd_tx_write in drivers/gpu/drm/msm/sde/sde_connector.c. This is exploitable for a device crash via a syscall by a crafted application on a rooted device.
4683 CVE-2019-9111 190 Overflow 2019-02-25 2019-02-26
7.1
None Remote Medium Not required None None Complete
The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sde_evtlog_filter_write in drivers/gpu/drm/msm/sde_dbg.c. This is exploitable for a device crash via a syscall by a crafted application on a rooted device.
4684 CVE-2019-9106 22 Exec Code Dir. Trav. 2019-05-31 2019-06-03
7.5
None Remote Low Not required Partial Partial Partial
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php.
4685 CVE-2019-9099 120 Exec Code Overflow 2020-03-11 2020-03-17
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2).
4686 CVE-2019-9087 89 Sql 2019-06-07 2019-07-01
7.5
None Remote Low Not required Partial Partial Partial
HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter.
4687 CVE-2019-9086 89 Sql 2019-06-07 2019-07-01
7.5
None Remote Low Not required Partial Partial Partial
HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle.php anno parameter.
4688 CVE-2019-9083 89 Sql 2019-03-21 2019-03-25
7.5
None Remote Low Not required Partial Partial Partial
SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued.
4689 CVE-2019-9081 502 Exec Code 2019-02-24 2019-02-26
7.5
None Remote Low Not required Partial Partial Partial
The Illuminate component of Laravel Framework 5.7.x has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the PendingCommand class in PendingCommand.php.
4690 CVE-2019-9047 89 Sql 2019-02-23 2019-02-25
7.5
None Remote Low Not required Partial Partial Partial
GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled.
4691 CVE-2019-9039 89 DoS Sql 2019-06-26 2020-02-10
7.5
None Remote Low Not required Partial Partial Partial
In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and "endkey" on the "_all_docs" endpoint. By issuing nested queries with CPU-intensive operations they may have been able to cause increased resource usage and denial of service conditions. The _all_docs endpoint is not required for Couchbase Mobile replication and external access to this REST endpoint has been blocked to mitigate this issue. This issue has been fixed in versions 2.5.0 and 2.1.3.
4692 CVE-2019-9025 119 Overflow 2019-02-22 2019-04-17
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data.
4693 CVE-2019-9023 125 2019-02-22 2019-06-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
4694 CVE-2019-9021 125 2019-02-22 2019-06-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
4695 CVE-2019-9020 125 2019-02-22 2019-06-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.
4696 CVE-2019-9012 770 2019-08-15 2020-08-24
7.8
None Remote Low Not required None None Complete
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System.
4697 CVE-2019-9010 2019-08-15 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System.
4698 CVE-2019-9003 416 Exec Code 2019-02-22 2021-06-02
7.8
None Remote Low Not required None None Complete
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
4699 CVE-2019-9002 94 Exec Code 2019-02-22 2019-02-22
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config-setup.php allows remote attackers to execute arbitrary PHP code via the database_host parameter if the installer remains present in its original directory after installation is completed.
4700 CVE-2019-8996 119 Overflow 2019-02-21 2019-02-22
7.5
None Remote Low Not required Partial Partial Partial
In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow.
Total number of vulnerabilities : 32054   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 (This Page)95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.