CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-6462 2019-01-16 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.
2 CVE-2019-6461 2019-01-16 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
3 CVE-2019-6447 2019-01-16 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
4 CVE-2019-6446 Exec Code 2019-01-16 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call.
5 CVE-2019-6445 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
6 CVE-2019-6444 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
7 CVE-2019-6443 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
8 CVE-2019-6442 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.
9 CVE-2019-6440 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
10 CVE-2019-6439 Overflow 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.
11 CVE-2019-6296 Sql 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.
12 CVE-2019-6295 Sql 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.php service_id parameter.
13 CVE-2019-6293 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service.
14 CVE-2019-6292 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.
15 CVE-2019-6291 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
16 CVE-2019-6290 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.
17 CVE-2019-6289 Exec Code 2019-01-15 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename.
18 CVE-2019-6286 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
19 CVE-2019-6285 DoS 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
20 CVE-2019-6284 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.
21 CVE-2019-6283 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.
22 CVE-2019-6278 XSS 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with the code input option.
23 CVE-2019-6257 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.php.
24 CVE-2019-6256 DoS 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp.
25 CVE-2019-6251 2019-01-14 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows address bar spoofing because a page load triggered by JavaScript leads to updating an address as if it were triggered by a safer visit type (e.g., VISIT_LINK, VISIT_TYPED, VISIT_BOOKMARK, or VISIT_HOMEPAGE). This is similar to the CVE-2018-8383 issue in Microsoft Edge.
26 CVE-2019-6250 Exec Code Overflow 2019-01-13 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is not necessary to use a typical buffer-overflow exploitation technique that changes the flow of control).
27 CVE-2019-6247 Exec Code Overflow 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap.
28 CVE-2019-6246 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the gil::get_color function in Generic Image Library in Boost, the return code is used as an address, leading to an Access Violation because of an out-of-bounds read.
29 CVE-2019-6245 2019-01-12 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.
30 CVE-2019-6244 Exec Code CSRF 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file.
31 CVE-2019-6138 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as demonstrated by iec61850_9_2_LE_example.c.
32 CVE-2019-6137 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference.
33 CVE-2019-6136 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.
34 CVE-2019-6135 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c.
35 CVE-2019-6133 Bypass 2019-01-11 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
36 CVE-2019-6132 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4_EsdsAtom class in Core/Ap4EsdsAtom.cpp, as demonstrated by mp42aac.
37 CVE-2019-6131 2019-01-11 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
38 CVE-2019-6130 2019-01-11 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
39 CVE-2019-6127 Exec Code Sql 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename.
40 CVE-2019-6126 Bypass 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.php, as demonstrated by disclosure of information about users and staff.
41 CVE-2019-5892 DoS 2019-01-10 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used for Virtual Network Control, allows remote attackers to cause a denial of service (peering session flap) via attribute 255 in a BGP UPDATE packet. This occurred during Disco in January 2019 because FRR does not implement RFC 7606, and therefore the packets with 255 were considered invalid VNC data and the BGP session was closed.
42 CVE-2019-5887 Dir. Trav. 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in ShopXO 1.2.0. In the UnlinkDir method of the FileUtil.php file, the input parameters are not checked, resulting in input mishandling by the rmdir method. Attackers can delete arbitrary files by using "../" directory traversal.
43 CVE-2019-5886 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. The attacker can write arbitrary code to database.php during system reinstallation.
44 CVE-2019-5884 +Info 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set.
45 CVE-2019-5748 2019-01-09 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks.
46 CVE-2019-5725 2019-01-08 2019-01-08
0.0
None ??? ??? ??? ??? ??? ???
qibosoft through V7 allows remote attackers to read arbitrary files via the member/index.php main parameter, as demonstrated by SSRF to a URL on the same web site to read a .sql file.
47 CVE-2019-5720 Sql 2019-01-08 2019-01-08
0.0
None ??? ??? ??? ??? ??? ???
includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the void_transaction.php filterType parameter.
48 CVE-2019-5489 2019-01-07 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
49 CVE-2019-5488 Sql 2019-01-07 2019-01-07
0.0
None ??? ??? ??? ??? ??? ???
EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS database.
50 CVE-2019-5009 Exec Code Bypass 2019-01-04 2019-01-04
0.0
None ??? ??? ??? ??? ??? ???
Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a CompanyDetailsSave action. This bypasses the bad-file-extensions protection mechanism. It is related to actions/CompanyDetailsSave.php, actions/UpdateCompanyLogo.php, and models/CompanyDetails.php.
Total number of vulnerabilities : 1154   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.