|
223901
|
7.5 |
HIGH
Network
|
sqlite
canonical
oracle
siemens
|
sqlite
ubuntu_linux
mysql_workbench
sinec_infrastructure_network_services
|
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.
|
NVD-CWE-noinfo
|
CVE-2019-19244
|
2024-11-21 13:34 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223902
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-19252
|
2024-11-21 13:34 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223903
|
9.8 |
CRITICAL
Network
|
opentrade_project
|
opentrade
|
OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js.
|
CWE-89
SQL Injection
|
CVE-2019-19250
|
2024-11-21 13:34 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223904
|
9.8 |
CRITICAL
Network
|
querytreeapp
|
querytree
|
Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.
|
CWE-20
Improper Input Validation
|
CVE-2019-19249
|
2024-11-21 13:34 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223905
|
7.5 |
HIGH
Network
|
oniguruma_project
php
fedoraproject
canonical
debian
|
oniguruma
php
fedora
ubuntu_linux
debian_linux
|
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-19246
|
2024-11-21 13:34 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223906
|
5.3 |
MEDIUM
Network
|
embedthis
|
goahead
|
Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can ca…
|
CWE-787
CWE-908
Out-of-bounds Write
Use of Uninitialized Resource
|
CVE-2019-19240
|
2024-11-21 13:34 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223907
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/apple…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-19227
|
2024-11-21 13:34 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223908
|
5.5 |
MEDIUM
Local
|
libarchive
debian
fedoraproject
canonical
|
libarchive
debian_linux
fedora
ubuntu_linux
|
In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-19221
|
2024-11-21 13:34 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223909
|
8.8 |
HIGH
Network
|
rconfig
|
rconfig
|
rConfig 3.9.2 allows devices.php?searchColumn= SQL injection.
|
CWE-89
SQL Injection
|
CVE-2019-19207
|
2024-11-21 13:34 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223910
|
7.5 |
HIGH
Network
|
oniguruma_project
debian
fedoraproject
|
oniguruma
debian_linux
fedora
|
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-19204
|
2024-11-21 13:34 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
