Vulnerabilities (CVE)

Filter

74125 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-6087 1 Ibm 1 Domino 2019-10-16 5.0
IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. IBM X-Force ID: 117918.
CVE-2016-0279 1 Ibm 1 Domino 2019-10-16 6.8
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277,...
CVE-2016-0278 1 Ibm 1 Domino 2019-10-16 6.8
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277,...
CVE-2015-0179 1 Ibm 1 Domino 2019-10-16 7.2
Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.
CVE-2015-2014 1 Ibm 1 Domino 2019-10-16 5.8
Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via...
CVE-2016-0304 1 Ibm 1 Domino 2019-10-16 6.8
The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary...
CVE-2016-0301 1 Ibm 1 Domino 2019-10-16 6.8
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277,...
CVE-2016-0277 1 Ibm 1 Domino 2019-10-16 6.8
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0278,...
CVE-2019-17504 1 Kirona 1 Dynamic Resource Scheduling 2019-10-16 4.3
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.
CVE-2019-16709 1 Imagemagick 1 Imagemagick 2019-10-16 4.3
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
CVE-2018-11396 1 Gnome 1 Epiphany 2019-10-16 5.0
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
CVE-2019-9530 1 Cobham 1 Explorer 710 Firmware 2019-10-16 4.9
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file...
CVE-2016-4977 1 Pivotal 1 Spring Security Oauth 2019-10-16 6.5
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code...
CVE-2019-17223 1 Dolibarr 1 Dolibarr 2019-10-15 4.3
There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 via user/note.php.
CVE-2019-10923 1 Siemens 34 Sinumerik 828d, Sinumerik 840d Sl, Dk Standard Ethernet Controller Firmware and 31 more 2019-10-15 5.0
A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for...
CVE-2019-10936 1 Siemens 52 Sinumerik 828d, Sinumerik 840d Sl, Simatic S7-300 Cpu 314 Firmware and 49 more 2019-10-15 5.0
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET...
CVE-2019-13921 1 Siemens 1 Simatic Winac Rtx %28f%29 2010 2019-10-15 5.0
A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability...
CVE-2019-13929 1 Siemens 1 Simatic It Uadm 2019-10-15 4.0
A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write...
CVE-2016-10906 1 Linux 1 Linux Kernel 2019-10-15 4.4
An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.
CVE-2019-1230 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-10-15 4.0
An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Information Disclosure Vulnerability'.