Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

7054 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-8341 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 5.0
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.
CVE-2018-15822 1 Ffmpeg 1 Ffmpeg 2019-05-23 5.0
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failure.
CVE-2019-11474 1 Graphicsmagick 1 Graphicsmagick 2019-05-23 4.3
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
CVE-2016-10712 2 Php, Canonical 2 Php, Ubuntu Linux 2019-05-22 5.0
In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri =...
CVE-2017-3258 1 Oracle 1 Mysql 2019-05-22 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low...
CVE-2017-3273 1 Oracle 1 Mysql 2019-05-22 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with...
CVE-2019-1726 1 Cisco 1 Nx-os 2019-05-22 4.6
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation...
CVE-2019-0820 1 Microsoft 2 .net Core, .net Framework 2019-05-22 5.0
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
CVE-2019-10918 1 Siemens 4 Simatic Pcs 7, Simatic Wincc, Simatic Wincc %28tia Portal%29 and 1 more 2019-05-22 9.0
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC...
CVE-2019-10917 1 Siemens 4 Simatic Pcs 7, Simatic Wincc, Simatic Wincc %28tia Portal%29 and 1 more 2019-05-22 2.1
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC...
CVE-2019-10916 1 Siemens 4 Simatic Pcs 7, Simatic Wincc, Simatic Wincc %28tia Portal%29 and 1 more 2019-05-22 9.0
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC...
CVE-2019-0092 1 Intel 1 Active Management Technology 2019-05-21 4.6
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVE-2019-0094 1 Intel 1 Active Management Technology 2019-05-21 3.3
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.
CVE-2018-12270 1 Valvesoftware 1 Steam 2019-05-21 5.8
In Valve Steam 1528829181 BETA, it is possible to perform a homograph / homoglyph attack to create fake URLs in the client, which may trick users into visiting unintended web sites.
CVE-2019-11114 1 Intel 1 Driver %26 Support Assistant 2019-05-21 2.1
Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access.
CVE-2019-3887 1 Linux 1 Linux Kernel 2019-05-21 4.7
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is...
CVE-2019-11085 2019-05-21 4.6
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-0115 1 Intel 1 Graphics Driver 2019-05-21 2.1
Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access.
CVE-2019-11094 1 Intel 1 Nuc Kit Firmware 2019-05-21 4.6
Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.
CVE-2019-12172 1 Typora 1 Typora 2019-05-21 6.8
Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.