Export limit exceeded: 21613 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20145 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20145 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16663 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 8.8 High |
| An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution. | ||||
| CVE-2019-16662 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 9.8 Critical |
| An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. | ||||
| CVE-2019-16470 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.8 High |
| Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2019-16454 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-16451 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-16450 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2019-16395 | 1 Gnucobol Project | 1 Gnucobol | 2024-11-21 | 7.8 High |
| GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code. | ||||
| CVE-2019-16366 | 1 Moddable | 2 Moddable, Xs | 2024-11-21 | 9.8 Critical |
| In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst. | ||||
| CVE-2019-16352 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | 6.5 Medium |
| ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. | ||||
| CVE-2019-16347 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 8.8 High |
| ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | ||||
| CVE-2019-16346 | 1 Miniupnp Project | 1 Ngiflib | 2024-11-21 | 8.8 High |
| ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | ||||
| CVE-2019-16294 | 2 Notepad-plus-plus, Scintilla | 2 Notepad\+\+, Scintilla | 2024-11-21 | 7.8 High |
| SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file. | ||||
| CVE-2019-16293 | 1 Opmantek | 1 Open-audit | 2024-11-21 | 8.8 High |
| The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands via a crafted value for a URL field. | ||||
| CVE-2019-16277 | 1 Picoc Project | 1 Picoc | 2024-11-21 | 7.8 High |
| PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c. | ||||
| CVE-2019-16265 | 1 Codesys | 2 Codesys, Eni Server | 2024-11-21 | 9.8 Critical |
| CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. | ||||
| CVE-2019-16242 | 1 Alcatelmobile | 2 Cingular Flip 2, Cingular Flip 2 Firmware | 2024-11-21 | 6.8 Medium |
| On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI. | ||||
| CVE-2019-16227 | 1 Py-lmdb Project | 1 Py-lmdb | 2024-11-21 | 9.8 Critical |
| An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. | ||||
| CVE-2019-16226 | 1 Py-lmdb Project | 1 Py-lmdb | 2024-11-21 | 7.5 High |
| An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. | ||||
| CVE-2019-16225 | 1 Py-lmdb Project | 1 Py-lmdb | 2024-11-21 | 9.8 Critical |
| An issue was discovered in py-lmdb 0.97. For certain values of mp_flags, mdb_page_touch does not properly set up mc->mc_pg[mc->top], leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. | ||||
| CVE-2019-16224 | 1 Py-lmdb Project | 1 Py-lmdb | 2024-11-21 | 9.8 Critical |
| An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker. | ||||