3094 matches found
CVE-2019-0271
CVE-2019-0271 affects ABAP Server (NetWeaver/Suite/ERP) and ABAP Platform. The vulnerability is an XML External Entity (XEE) issue caused by insufficient validation of XML documents from untrusted sources, enabling potential manipulation via external entities. Affected ranges: ABAP Server 7.00–7....
GitLab: Persistent XSS in Note objects
Summary: Some cache invalidation and project import logic issues enable an attacker to import a project with XSS payloads in places like MR discussions and similar places where a Note object exists. Description: There are basically 3 issues causing the XSS here: All attributes of Note objects are...
CVE-2019-9638
Removed by vendor...
UBUNTU-CVE-2019-9639
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the datalen variable...
UBUNTU-CVE-2019-9638
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the makernote-offset relationship to valuelen...
file readelf.c file out-of-bounds read vulnerability
file is a command-line tool used on Unix-like systems to view file information. An out-of-bounds read vulnerability exists in the docorenote file of the readelf.c file of the libmagic.a static link library in file version 5.35, which stems from a degree of failure to properly use the memory copy...
file do_core_note Denial of Service Vulnerability
file is a command-line tool used on Unix-like systems to view file information. A security vulnerability exists in the docorenote file of the readelf.c file of the libmagic.a static link library in file version 5.35. A remote attacker could use this vulnerability to cause a denial of service stac...
file 'readelf.c' stack buffer out-of-bounds read vulnerability
file is a command-line tool used on Unix-like systems to view file information. A stack buffer out-of-bounds read vulnerability exists in docorenote in the readelf.c file of the libmagic.a static link library in file version 5.35. The vulnerability allows remote attackers to submit a special file...
DEBIAN-CVE-2019-8907
docorenote in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service stack corruption and application crash or possibly have unspecified other impact...
ALPINE-CVE-2019-8906
docorenote in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused...
DEBIAN-CVE-2019-8906
docorenote in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused...
ALPINE-CVE-2019-8907
docorenote in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service stack corruption and application crash or possibly have unspecified other impact...
DEBIAN-CVE-2019-8905
docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...
ALPINE-CVE-2019-8905
docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...
CVE-2019-8436
imcat 4.5 has Stored XSS via the root/run/adm.php fminstopnote parameter...
CVE-2019-8436
imcat 4.5 has Stored XSS via the root/run/adm.php fminstopnote parameter...
CVE-2019-8436
CVE-2019-8436 affects imcat 4.5 and is caused by Stored XSS via the root/run/adm.php fm[instop][note] parameter. The connected sources consistently report this vulnerability without providing specific patch details or affected product revisions beyond imcat 4.5. The exploitation, scope, and remed...
UBUNTU-CVE-2019-8905
docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...
UBUNTU-CVE-2019-8906
docorenote in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused...
UBUNTU-CVE-2019-8907
docorenote in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service stack corruption and application crash or possibly have unspecified other impact...