Vulnerabilities (CVE)

Filter

130084 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-16224 1 Py-lmdb Project 1 Py-lmdb 2019-10-12 7.5
An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
CVE-2019-17522 2019-10-12 N/A
A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the admin_index.php?page=settings SITE NAME field (aka SITE_NAME), a related issue to CVE-2011-4709.1.
CVE-2019-17521 2019-10-12 N/A
An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerability that can change the admin's password via the password/ URI,
CVE-2019-17514 2019-10-12 N/A
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross...
CVE-2016-10874 1 Wpseeds 1 Wp Database Backup 2019-10-12 6.8
The wp-database-backup plugin before 4.3.3 for WordPress has CSRF.
CVE-2016-10873 1 Wpseeds 1 Wp Database Backup 2019-10-12 4.3
The wp-database-backup plugin before 4.3.3 for WordPress has XSS.
CVE-2019-16943 2 Fasterxml, Debian 2 Jackson-databind, Debian Linux 2019-10-12 7.5
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy...
CVE-2018-9132 2 Libming, Debian 2 Libming, Debian Linux 2019-10-12 4.3
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
CVE-2018-9009 2 Libming, Debian 2 Libming, Debian Linux 2019-10-12 6.8
In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file.
CVE-2018-7876 2 Libming, Debian 2 Libming, Debian Linux 2019-10-12 4.3
In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file.
CVE-2018-7873 2 Libming, Debian 2 Libming, Debian Linux 2019-10-12 4.3
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack.
CVE-2018-7866 2 Libming, Debian 2 Libming, Debian Linux 2019-10-12 4.3
A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
CVE-2010-5331 1 Linux 1 Linux Kernel 2019-10-12 7.5
In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem.
CVE-2019-15166 1 Tcpdump 1 Tcpdump 2019-10-11 7.5
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2018-16452 1 Tcpdump 1 Tcpdump 2019-10-11 5.0
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
CVE-2018-16451 1 Tcpdump 1 Tcpdump 2019-10-11 7.5
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
CVE-2018-16300 1 Tcpdump 1 Tcpdump 2019-10-11 5.0
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
CVE-2018-16230 1 Tcpdump 1 Tcpdump 2019-10-11 7.5
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
CVE-2018-16229 1 Tcpdump 1 Tcpdump 2019-10-11 7.5
The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
CVE-2018-16228 1 Tcpdump 1 Tcpdump 2019-10-11 7.5
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().