| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2016-3501 |
2 Oracle, Canonical |
2 Mysql, Ubuntu Linux |
2019-02-21 |
4.0 |
| Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. |
| CVE-2016-3486 |
2 Oracle, Canonical |
2 Mysql, Ubuntu Linux |
2019-02-21 |
6.8 |
| Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS. |
| CVE-2016-3477 |
5 Mariadb, Ibm, Oracle and 2 more |
6 Linux, Mariadb, Mysql and 3 more |
2019-02-21 |
4.1 |
| Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and... |
| CVE-2018-18602 |
1 Guardzilla |
6 180 Indoor Firmware, 180 Outdoor Firmware, 360 Indoor Firmware and 3 more |
2019-02-21 |
5.0 |
| The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring. |
| CVE-2016-3471 |
2 Oracle, Redhat |
2 Enterprise Linux, Mysql |
2019-02-21 |
7.1 |
| Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option. |
| CVE-2016-3459 |
2 Mariadb, Oracle |
2 Mariadb, Mysql |
2019-02-21 |
4.0 |
| Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB. |
| CVE-2016-3452 |
4 Mariadb, Ibm, Oracle and 1 more |
5 Linux, Mariadb, Enterprise Linux and 2 more |
2019-02-21 |
4.3 |
| Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors... |
| CVE-2013-5654 |
1 Yingzhipython Project |
1 Yingzhipython |
2019-02-21 |
9.4 |
| Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage |
| CVE-2018-1296 |
1 Apache |
1 Hadoop |
2019-02-21 |
5.0 |
| In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission... |
| CVE-2019-3464 |
2 Pizzashack, Debian |
2 Rssh, Debian Linux |
2019-02-21 |
7.5 |
| Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. |
| CVE-2018-1000814 |
1 Aiohttp Project |
1 Aiohttp |
2019-02-21 |
4.0 |
| aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via... |
| CVE-2018-20587 |
|
|
2019-02-21 |
2.1 |
| Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests... |
| CVE-2018-1340 |
1 Apache |
1 Guacamole |
2019-02-21 |
5.0 |
| Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if... |
| CVE-2018-9867 |
|
|
2019-02-21 |
2.1 |
| In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability... |
| CVE-2019-6975 |
2 Djangoproject, Canonical |
2 Django, Ubuntu Linux |
2019-02-21 |
5.0 |
| Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. |
| CVE-2019-7653 |
1 Rdflib Project |
1 Rdflib |
2019-02-21 |
7.5 |
| The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This... |
| CVE-2018-20030 |
1 Libexif Project |
1 Libexif |
2019-02-21 |
7.8 |
| An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources. |
| CVE-2018-12549 |
1 Eclipse |
1 Openj9 |
2019-02-21 |
7.5 |
| In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it. |
| CVE-2019-8389 |
1 Ascellamobile |
1 Musicloud |
2019-02-21 |
4.8 |
| A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters... |
| CVE-2019-3474 |
1 Microfocus |
1 Filr |
2019-02-21 |
4.0 |
| A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of... |
