Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

7054 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-11419 1 Tencent 1 Wechat 2019-05-17 4.3
vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application through 7.0.3 for Android allows attackers to cause a denial of service (application crash) by replacing an emoji file (under the /sdcard/tencent/MicroMsg directory) with a...
CVE-2014-1818 1 Microsoft 9 Windows Rt 8.1, Windows 8, Windows Server 2008 and 6 more 2019-05-17 9.3
GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting...
CVE-2015-6104 1 Microsoft 9 Windows Rt 8.1, Windows 8, Windows Server 2008 and 6 more 2019-05-17 9.3
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote...
CVE-2019-0951 1 Microsoft 1 Sharepoint Foundation 2019-05-17 3.5
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from...
CVE-2015-6103 1 Microsoft 9 Windows Rt 8.1, Windows 8, Windows Server 2008 and 6 more 2019-05-17 9.3
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote...
CVE-2019-0885 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-05-17 9.3
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.
CVE-2019-1846 1 Cisco 1 Ios Xr 2019-05-17 6.1
A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent...
CVE-2018-16476 2 Rubyonrails, Redhat 3 Active Job, Rails, Cloudforms 2019-05-17 5.0
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This...
CVE-2015-2459 1 Microsoft 9 Windows Rt 8.1, Windows 8, Windows Server 2008 and 6 more 2019-05-17 9.3
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote...
CVE-2015-2460 1 Microsoft 9 Windows Rt 8.1, Windows 8, Windows Server 2008 and 6 more 2019-05-17 9.3
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and .NET Framework 3.0 SP2,...
CVE-2015-6112 1 Microsoft 8 Windows Rt 8.1, Windows 8, Windows Server 2008 and 5 more 2019-05-16 5.8
SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required extended master-secret binding support to ensure...
CVE-2018-15588 1 Freron 1 Mailmate 2019-05-16 5.0
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.
CVE-2018-4018 1 Anker-in 1 Roav Dashcam A1 Firmware 2019-05-16 10.0
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next...
CVE-2019-10245 2019-05-16 5.0
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load.
CVE-2018-12549 2 Eclipse, Redhat 5 Openj9, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2019-05-16 7.5
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
CVE-2018-4026 1 Anker-in 1 Roav Dashcam A1 Firmware 2019-05-16 7.8
An exploitable denial-of-service vulnerability exists in the XML_GetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory...
CVE-2019-3702 1 Lifesize 3 Icon 300 Firmware, Icon 500 Firmware, Icon 700 Firmware 2019-05-16 6.5
A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in a JSON API request.
CVE-2018-14624 3 Fedoraproject, Debian, Redhat 8 389 Directory Server, Debian Linux, Enterprise Linux Desktop and 5 more 2019-05-15 5.0
A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of...
CVE-2018-10935 2019-05-15 4.0
A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort.
CVE-2016-0044 1 Microsoft 3 Windows 8.1, Windows Server 2012, Windows Rt 8.1 2019-05-15 5.0
Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service (SyncShareSvc service outage) via crafted "change batch" data, aka "Windows DLL Loading Denial of Service...