
1301 matches found

OSV
added 2019/07/05 1:15 a.m. · 3 views

ALPINE-CVE-2019-13300

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns...

CVSS 8.8 · AI score 7.3 · EPSS 0.03166
Exploits: 1 · References: 1
UbuntuCve
added 2019/07/05 1:15 a.m. · 20 views

CVE-2019-13300

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns...

CVSS 8.8 · AI score 7.1 · EPSS 0.03166
Exploits: 1 · References: 3
CNVD
added 2019/06/21 12:0 a.m. · 3 views

Pydio Cells Information Disclosure Vulnerability

Pydio Cells is a transitional application for managing files on a Pydio Cells 1.2.X server. An information disclosure vulnerability exists in versions of Pydio Cells prior to 1.5.0, which stems from Pydio Cells failing to properly handle a Name field that is not in the expected Unicode format and...

CVSS 4.3 · AI score 6.2 · EPSS 0.00933
Exploits: 0 · References: 1
NVD
added 2019/06/20 12:15 a.m. · 9 views

CVE-2019-12903

Pydio Cells before 1.5.0, when supplied with a Name field in an unexpected Unicode format, fails to handle this and includes the database column/table name as part of the error message, exposing sensitive information...

CVSS 4.3 · AI score 4.6 · EPSS 0.00933
Exploits: 0 · References: 2
RedhatCVE
added 2019/05/13 7:20 a.m. · 31 views

CVE-2019-10130

PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit thi...

CVSS 4.3 · AI score 3.3 · EPSS 0.01085
Exploits: 0 · References: 4
OSV
added 2019/05/09 12:0 a.m. · 3 views

UBUNTU-CVE-2019-10130

A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain...

CVSS 4.3 · AI score 6.5 · EPSS 0.01085
Exploits: 0 · References: 4
UbuntuCve
added 2019/05/09 12:0 a.m. · 29 views

CVE-2019-10130

A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain...

CVSS 4.3 · AI score 6.7 · EPSS 0.01085
Exploits: 0 · References: 3
Positive Technologies
added 2019/05/08 12:0 a.m. · 4 views

PT-2019-4078 · Postgresql +5

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions 9.5.x up to, excluding 9.5.17 PostgreSQL versions 9.6.x up to, excluding 9.6.13 PostgreSQL versions 10.x up to, excluding 10.8 PostgreSQL versions 11.x up to, excluding 11.3 Description: The issue is related to an error in...

CVSS 9.8 · AI score 7.5 · EPSS 0.91877
Exploits: 20 · References: 175
Veracode
added 2019/05/02 4:41 a.m. · 28 views

Arbitrary Code Execution

firefox/thunderbird is vulnerable to arbitrary code execution. A use-after-free vulnerability in the function nsFrameList::FirstChild allows remote attackers to cause a heap memory corruption that would result in arbitrary code execution or application crash by changing the size of the a container...

CVSS 9.3 · AI score 9.7 · EPSS 0.04527
Exploits: 0 · References: 16 · Affected Software: 3
CNVD
added 2019/04/01 12:0 a.m. · 1 views

Jfinal cms file upload vulnerability in the backend column scrolling image

Jfinal cms uses the simple and powerful JFinal as its web framework, beetl as its template engine, mysql as its database, and bootstrap, flat ui and other frameworks on the front end. A file upload vulnerability exists in the background column scrolling picture of Jfinal cms; its background column management...

AI score 7.1
Exploits: 0
OSV
added 2019/03/21 4:0 p.m. · 3 views

CVE-2018-17483

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. By visiting the kiosk and viewing the driver's license column, an attacker could exploit this vulnerability to view the driver's license number and other personal...

CVSS 5.5 · AI score 5.8 · EPSS 0.00303
Exploits: 0 · References: 1
CNVD
added 2019/03/11 12:0 a.m. · 4 views

YzmCMS Cross-Site Scripting Vulnerability (CNVD-2019-07929)

YzmCMS is an open source CMS Content Management System by Yuan Zhimeng programmers in China. A cross-site scripting vulnerability exists in YzmCMS version 5.2. A remote attacker can use the 'column name' parameter of admin/category/edit.html page to inject arbitrary Web script or HTML with the he...

CVSS 4.8 · AI score 6.2 · EPSS 0.00676
Exploits: 1 · References: 1
OPENSUSE Linux
added 2019/02/26 12:0 a.m. · 194 views

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2019:0249-1 Rating: important References: 1122983 1125330 Cross-References: CVE-2016-5824 CVE-2018-12405 CVE-2018-17466 CVE-2018-18335 CVE-2018-18356 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494...

CVSS 10 · AI score 7.2 · EPSS 0.12658
Exploits: 1 · References: 2
Prion
added 2019/02/22 4:29 p.m. · 11 views

Path traversal

A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. The exploitation point is in the "column management" function. The path added to the column is not verified. When a column is deleted by an attacker, the corresponding...

CVSS 6.4 · AI score 9.1 · EPSS 0.01872
Exploits: 1 · References: 1 · Affected Software: 1
Prion
added 2019/02/22 4:29 p.m. · 13 views

Cross site scripting

An XSS vulnerability was discovered in MOPCMS through 2018-11-30. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the formname parameter in a mod=column request, as demonstrated by the...

CVSS 4.3 · AI score 6 · EPSS 0.01105
Exploits: 1 · References: 1 · Affected Software: 1
OSV
added 2019/02/22 4:29 p.m. · 3 views

CVE-2019-9015

A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. The exploitation point is in the "column management" function. The path added to the column is not verified. When a column is deleted by an attacker, the corresponding...

CVSS 9.1 · AI score 7.3 · EPSS 0.01872
Exploits: 1 · References: 1
OSV
added 2019/02/22 4:29 p.m. · 4 views

CVE-2019-9016

An XSS vulnerability was discovered in MOPCMS through 2018-11-30. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the formname parameter in a mod=column request, as demonstrated by the...

CVSS 6.1 · AI score 6.5 · EPSS 0.01105
Exploits: 1 · References: 1
CVE
added 2019/02/22 4:0 p.m. · 41 views

CVE-2019-9015

CVE-2019-9015 affects MOPCMS up to 2018-11-30. A path traversal vulnerability in the “column management” function allows unverified paths to be added to a column, enabling an attacker to delete the corresponding directory when a column is removed, potentially deleting parts or the entire website....

CVSS 9.1 · AI score 7.7 · EPSS 0.01872
Exploits: 1 · References: 1 · Affected Software: 1
Tenable Nessus
added 2019/01/22 12:0 a.m. · 37 views

SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2019:0119-1)

This update for mariadb to version 10.2.19 fixes the following issues: bsc1116686 Security issues fixed : CVE-2016-9843: Big-endian out-of-bounds pointer bsc1013882 CVE-2018-3282, CVE-2018-3174, CVE-2018-3143, CVE-2018-3156, CVE-2018-3251, CVE-2018-3185, CVE-2018-3277, CVE-2018-3162, CVE-2018-317...

CVSS 9.8 · AI score 7.4 · EPSS 0.0595
Exploits: 0 · References: 42
OSV
added 2018/12/28 4:29 p.m. · 1 views

DEBIAN-CVE-2018-20542

There is a heap-based buffer-overflow at generatorspgemmcscreader.c function libxsmmsparsecscreader in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 which is in a different part of the source code and is seen at a different address...

CVSS 8.8 · AI score 8.7 · EPSS 0.01913
Exploits: 1 · References: 1