Lucene search
K

5255 matches found

OSV
OSV
added 2019/10/21 5:15 a.m.1 views

ALPINE-CVE-2019-18218

cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

7.8CVSS7.4AI score0.0185EPSS
Exploits1References1
OSV
OSV
added 2019/10/21 5:15 a.m.2 views

DEBIAN-CVE-2019-18218

cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

7.8CVSS9.1AI score0.0185EPSS
Exploits1References1
OSV
OSV
added 2019/10/21 5:15 a.m.5 views

UBUNTU-CVE-2019-18218

cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

7.8CVSS7.4AI score0.0185EPSS
Exploits1References4
Veracode
Veracode
added 2019/10/18 9:15 a.m.32 views

Cross-Site Scripting (XSS)

wordpress is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser by storing the malicious code in STYLE elements...

6.1CVSS3.3AI score0.01766EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2019/10/17 1:15 p.m.14 views

CVE-2019-17672

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements...

6.1CVSS7.4AI score0.01766EPSS
Exploits0References6
OSV
OSV
added 2019/10/17 1:15 p.m.0 views

DEBIAN-CVE-2019-17672

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements...

6.1CVSS6.9AI score0.01766EPSS
Exploits0References1
OSV
OSV
added 2019/10/17 1:15 p.m.18 views

CVE-2019-17672

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements...

6.1CVSS9.1AI score
Exploits0References6
Prion
Prion
added 2019/10/17 1:15 p.m.17 views

Cross site scripting

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements...

4.3CVSS6AI score0.01766EPSS
Exploits0References6Affected Software2
UbuntuCve
UbuntuCve
added 2019/10/17 1:15 p.m.30 views

CVE-2019-17672

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements...

6.1CVSS6.9AI score0.01766EPSS
Exploits0References3
OSV
OSV
added 2019/10/17 1:15 p.m.3 views

UBUNTU-CVE-2019-17672

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements...

6.1CVSS6.9AI score0.01766EPSS
Exploits0References4
Talos
Talos
added 2019/10/15 12:0 a.m.55 views

Adobe Acrobat Reader DC text field value remote code execution vulnerability redux

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC, version 2019.012.20035. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim...

9.3CVSS9.5AI score0.13071EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/10/11 12:0 a.m.35 views

Cisco IOS ISDN Interface Denial of Service Vulnerability

According to its self-reported version, Cisco IOS Software is affected by a vulnerability in the ISDN functions which could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information element...

8.6CVSS7.8AI score0.02516EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/10/10 10:30 a.m.26 views

CVE-2018-5102

A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...

9.8CVSS1.2AI score0.07157EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/10/09 12:13 p.m.35 views

CVE-2019-11744

Some HTML elements, such as title and textarea, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if...

6.1CVSS1.7AI score0.0145EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.3 views

The vulnerability of the virtualization manager in Cisco IOS XE, allowing a attacker to execute arbitrary commands in the Linux kernel with root privileges.

The vulnerability of the virtualization manager in Cisco IOS XE operating systems exists due to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the Linux base...

6.8CVSS5.9AI score0.00423EPSS
Exploits0References2
OSV
OSV
added 2019/10/02 3:15 p.m.2 views

CVE-2019-4539

IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812...

7.1CVSS7.1AI score0.0123EPSS
Exploits0References2
OSV
OSV
added 2019/09/27 6:15 p.m.1 views

DEBIAN-CVE-2019-11746

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 69, Thunderbird 68.1, Thunderbird 60.9, Firefox ESR 60.9, and Firefox ESR 68.1...

8.8CVSS8.4AI score0.01713EPSS
Exploits0References1
OSV
OSV
added 2019/09/27 6:15 p.m.6 views

CVE-2019-11744

Some HTML elements, such as title and textarea, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if...

6.1CVSS8AI score
Exploits0References12
OSV
OSV
added 2019/09/27 6:15 p.m.5 views

CVE-2019-11746

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 69, Thunderbird 68.1, Thunderbird 60.9, Firefox ESR 60.9, and Firefox ESR 68.1...

8.8CVSS8.7AI score
Exploits0References12
Prion
Prion
added 2019/09/27 6:15 p.m.21 views

Cross site scripting

Some HTML elements, such as title and textarea, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if...

4.3CVSS6.2AI score0.0145EPSS
Exploits0References12Affected Software3
Rows per page
Query Builder