11 matches found
PT-2024-10725 · Easymine · Easymine
Name of the Vulnerable Software and Affected Versions: easyMINE versions prior to 2019-12-05. Description: The issue allows man-in-the-middle attacks due to SSH host keys being baked into the installation image. This makes it trivial to identify all public IPv4 nodes using Shodan.io...
CVE-2020-16243
Multiple buffer overflow vulnerabilities exist when LeviStudioU Version 2019-09-21 and prior processes project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application...
CVE-2020-5343
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder...
CVE-2019-18271
OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to a cross-site request forgery that may be introduced on the PI Vision administration site...
newbee-mall SQL Injection Vulnerability
newbee-mall is an e-commerce system. A SQL injection vulnerability exists in the main/resources/mapper/NewBeeMallGoodsMapper.xml file in versions of newbee-mall prior to 2019-10-23, which stems from a lack of validation of externally entered SQL statements in database-based applications and can b...
DianoxDragon Hawn SQL Injection Vulnerability
DianoxDragon Hawn is a plugin for managing spawn on servers. A SQL injection vulnerability exists in versions of DianoxDragon Hawn prior to 2019-07-10, which can be exploited by an attacker to execute illegal SQL commands...
Cuberite Path Traversal Vulnerability
Cuberite is a lightweight, scalable multiplayer game server written in C++. A path traversal vulnerability exists in versions of Cuberite prior to 2019-06-11, which can be exploited by an attacker to access locations outside of a restricted directory...
CVE-2019-13515
OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information...
PT-2019-13519
Name of the Vulnerable Software and Affected Versions: Das U-Boot versions prior to 2019.07. Description: An issue was discovered in Das U-Boot. There is an unbounded memcpy with unvalidated length at nfs readlink reply in the "else" block after calculating the new path length. Recommendations: For...
CVE-2019-7793
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information...
Input Validation Vulnerability in Caret
Caret is a software package for plotting classification and regression models. An input validation vulnerability exists in versions of Caret prior to 2019-02-22 that originates from a networked system or product that does not properly validate incoming data. An attacker could exploit the...