Vulnerabilities (CVE)

Filter

72085 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-18508 1 Wp-livechat 1 Wp Live Chat Support 2019-08-25 4.3
The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS.
CVE-2019-14459 1 Nfdump Project 1 Nfdump 2019-08-24 5.0
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
CVE-2019-1010057 1 Nfdump Project 1 Nfdump 2019-08-24 6.8
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is:...
CVE-2019-1010305 3 Kyzer, Canonical, Fedoraproject 3 Libmspack, Ubuntu Linux, Fedora 2019-08-23 4.3
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted...
CVE-2019-1010247 2019-08-23 4.3
ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Redirecting the user to a phishing page or interacting with the application on behalf of the user. The component is: File:...
CVE-2019-14524 1 Schismtracker 1 Schism Tracker 2019-08-23 6.8
An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.
CVE-2019-14523 1 Schismtracker 1 Schism Tracker 2019-08-23 6.8
An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c.
CVE-2019-15119 1 Nps Project 1 Nps 2019-08-23 5.8
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.
CVE-2019-15109 2019-08-23 4.3
The the-events-calendar plugin before 4.8.2 for WordPress has XSS via the tribe_paged URL parameter.
CVE-2019-15291 1 Linux 1 Linux Kernel 2019-08-23 4.9
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
CVE-2019-15290 1 Linux 1 Linux Kernel 2019-08-23 4.9
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the ath6kl_usb_alloc_urb_from_pipe function in the drivers/net/wireless/ath/ath6kl/usb.c driver.
CVE-2017-18577 1 Ibericode 1 Mailchimp 2019-08-23 4.3
The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg.
CVE-2017-18576 2019-08-23 4.3
The event-notifier plugin before 1.2.1 for WordPress has XSS via the loading animation.
CVE-2017-18581 2019-08-23 4.3
The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list.
CVE-2016-10924 2019-08-23 5.0
The ebook-download plugin before 1.2 for WordPress has directory traversal.
CVE-2008-7321 2019-08-23 4.3
The tubepress plugin before 1.6.5 for WordPress has XSS.
CVE-2017-18564 1 Bestwebsoft 1 Sender 2019-08-23 4.3
The sender plugin before 1.2.1 for WordPress has multiple XSS issues.
CVE-2017-18563 1 Swimordiesoftware 1 Rsvp 2019-08-23 4.3
The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen.
CVE-2015-9327 2019-08-23 4.3
The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS.
CVE-2019-4437 1 Ibm 1 Api Connect 2019-08-23 5.0
IBM API Connect 2018.1 through 2018.4.1.6 may inadvertently leak sensitive details about internal servers and network via API swagger. IBM X-force ID: 162947.