Vulnerabilities (CVE)

Filter

39151 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-9533 1 Cobham 1 Explorer 710 Firmware 2019-10-16 10.0
The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an attacker to reverse-engineer the password from available versions to gain authenticated access to the device.
CVE-2019-2184 1 Google 1 Android 2019-10-16 9.3
In PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...
CVE-2019-9535 1 Iterm2 1 Iterm2 2019-10-16 10.0
A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5....
CVE-2019-16905 1 Openbsd 1 Openssh 2019-10-16 7.5
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and remote code...
CVE-2019-2185 1 Google 1 Android 2019-10-16 9.3
In VlcDequantH263IntraBlock_SH of vlc_dequant.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...
CVE-2019-2186 1 Google 1 Android 2019-10-16 9.3
In GetMBheader of combined_decode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...
CVE-2019-17389 1 Riot-os 1 Riot 2019-10-16 7.8
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker (via a large packet) to prevent a RIOT MQTT-SN client from working until...
CVE-2019-16278 1 Nazgul 1 Nostromo Nhttpd 2019-10-16 7.5
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
CVE-2019-17320 1 Netsarang 1 Xftp 2019-10-16 7.5
NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a...
CVE-2019-17508 1 Dlink 2 Dir-850l A Firmware, Dir-859 A3 Firmware 2019-10-16 10.0
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable.
CVE-2019-17059 1 Sophos 1 Cyberoamos 2019-10-16 10.0
A shell injection vulnerability on the Sophos Cyberoam firewall appliance with CyberoamOS before 10.6.6 MR-6 allows remote attackers to execute arbitrary commands via the Web Admin and SSL VPN consoles.
CVE-2015-5040 1 Ibm 1 Domino 2019-10-16 7.5
Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE...
CVE-2015-0134 1 Ibm 1 Domino 2019-10-16 10.0
Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2015-0135 1 Ibm 1 Domino 2019-10-16 10.0
IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.
CVE-2015-1903 1 Ibm 1 Domino 2019-10-16 10.0
Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSN3Y.
CVE-2015-0117 1 Ibm 1 Domino 2019-10-16 10.0
The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, aka SPR KLYH9SLRGM.
CVE-2015-4994 1 Ibm 1 Domino 2019-10-16 7.5
Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE...
CVE-2015-1902 1 Ibm 1 Domino 2019-10-16 10.0
Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.
CVE-2019-17124 1 Kramerav 1 Viaware 2019-10-15 10.0
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
CVE-2019-17600 1 Intelbras 1 Iwr 1000n Firmware 2019-10-15 10.0
Intelbras IWR 1000N 1.6.4 devices allows disclosure of the administrator login name and password because v1/system/user is mishandled.