8206 matches found
CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the vulnerability, a local user starts a transaction via the hardware transactional memory instruction tbegin and then...
UBUNTU-CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the vulnerability, a local user starts a transaction via the hardware transactional memory instruction tbegin and then accesses vector registers...
UBUNTU-CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the vulnerability, a local user starts a transaction via the hardware transactional memory instruction tbegin and then...
Directory Traversal Vulnerability in Xunrui CMS Backend Pages
Sichuan Xunruiyun Software Development Co., Ltd. is an Internet enterprise focused on providing informatization services for small and medium-sized enterprises, mainly engaged in PHP-based CMS website management systems, offline communication and information engineering, online and offline...
CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary Python commands contained within the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...
Cisco UCS Director, Cisco Integrated Management Controller Supervisor - Multiple Vulnerabilities
Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data. Discovered by Pedro Ribeiro from Agile Information Security...
Cisco UCS / IMC Supervisor Authentication Bypass / Command Injection
Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data. Discovered by Pedro Ribeiro from Agile Information Security...
Google Android Denial of Service Vulnerability (CNVD-2019-41026)
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance (OHA). A denial of service vulnerability exists in the System component of Android Q. An attacker can exploit this vulnerability to cause a denial of service...
Remote Command Execution Vulnerability in Coremail Argumenter Client
Coremail client Mailbox For Windows is a mail client of coremail, which fully supports the synchronization of Coremail account data and has a better application experience. A remote command execution vulnerability exists in Coremail Lobbyist Client. An attacker can exploit the vulnerability to...
CVE-2019-15544
CVE-2019-15544 affects the protobuf crate for Rust (pre-2.6.0). The vulnerability arises from Vec::reserve being called with a size taken from user-supplied input, enabling memory exhaustion. Documented impact: Out-of-Memory conditions, potentially affecting Rust crates that rely on this protobuf imp...
WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection
WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Date: 2018-08-22 Google Dork:...
Input validation
Improper Verification of a Cryptographic Signature in OpenPGP.js =4.1.2 allows an attacker to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature...
WordPress user-role plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. user-role is a plug-in for website user management. A cross-site scripting vulnerability exists in the WordPress user-role plugin...
PT-2019-3022 · Cisco · Cisco Ucs Director Express For Big Data +2
Name of the Vulnerable Software and Affected Versions: Cisco Integrated Management Controller (IMC) Supervisor (affected versions not specified); Cisco UCS Director (affected versions not specified); Cisco UCS Director Express for Big Data (affected versions not specified)...
WordPress svg-vector-icon-plugin plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress svg-vector-icon-plugin plugin. The...
Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities
Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data...
CVE-2019-5035
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacke...
CVE-2019-4485
The CVE-2019-4485 issue affects IBM Emptoris Sourcing <10.1.4, IBM Contract Management <10.1.4, and IBM Emptoris Spend Analysis
CVE-2019-9851
CVE-2019-9851 affects Document Foundation LibreOffice prior to 6.2.6, where documents can specify pre-installed scripts that run on global script events (e.g., document-open). The fixed versions validate global script event handlers equivalently to document script handlers, mitigating the issue. ...
CVE-2019-1199
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrativ...