Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

2166 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-6339 2 Drupal, Debian 2 Drupal, Debian Linux 2019-10-09 7.5
In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal...
CVE-2019-6155 1 Ibm 4 Bladecenter Hs23 Firmware, System X3530 M4 Firmware, System X3630 M4 Firmware and 1 more 2019-10-09 7.8
A potential vulnerability was found in an SMI handler in various BIOS versions of certain legacy IBM System x and IBM BladeCenter systems that could lead to denial of service.
CVE-2019-5420 3 Rubyonrails, Debian, Fedoraproject 3 Rails, Debian Linux, Fedora 2019-10-09 7.5
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails...
CVE-2019-3719 1 Dell 1 Supportassist 2019-10-09 7.9
Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a...
CVE-2019-3416 1 Zte 1 Zxv10 B860a Firmware 2019-10-09 10.0
All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system.
CVE-2019-1964 1 Cisco 1 Nx-os 2019-10-09 7.8
A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. The vulnerability is due to improper validation...
CVE-2019-1962 1 Cisco 1 Nx-os 2019-10-09 7.8
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The...
CVE-2019-1894 1 Cisco 1 Enterprise Nfv Infrastructure Software 2019-10-09 9.0
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the underlying operating system (OS) of an affected...
CVE-2019-1861 2019-10-09 9.0
A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected...
CVE-2019-1837 1 Cisco 1 Unified Communications Manager 2019-10-09 7.8
A vulnerability in the User Data Services (UDS) API of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the management GUI. The vulnerability is due...
CVE-2019-1823 1 Cisco 3 Evolved Programmable Network Manager, Network Level Service, Prime Infrastructure 2019-10-09 9.0
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the...
CVE-2019-1822 1 Cisco 2 Evolved Programmable Network Manager, Prime Infrastructure 2019-10-09 9.0
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the...
CVE-2019-1716 2019-10-09 7.5
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS)...
CVE-2019-1710 2019-10-09 7.5
A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the...
CVE-2019-1650 1 Cisco 8 Vbond Orchestrator, Vmanage Network Management, Vsmart Controller and 5 more 2019-10-09 9.0
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save...
CVE-2019-1634 1 Cisco 1 Unified Computing System 2019-10-09 9.0
A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the...
CVE-2019-1598 1 Cisco 1 Nx-os 2019-10-09 7.8
Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload,...
CVE-2019-1597 1 Cisco 1 Nx-os 2019-10-09 7.8
Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload,...
CVE-2019-14417 1 Veritas 1 Resiliency Platform 2019-10-09 9.0
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to DNS functionality.
CVE-2019-14416 1 Veritas 1 Resiliency Platform 2019-10-09 9.0
An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. An arbitrary command execution vulnerability allows a malicious VRP user to execute commands with root privilege within the VRP virtual machine, related to resiliency...