|
219481
|
3.7 |
LOW
Network
|
proxyman
|
proxyman
|
com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled com…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2019-20057
|
2024-11-21 13:37 |
2019-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219482
|
6.5 |
MEDIUM
Network
|
nothings
|
stb_image.h
|
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in stbi__shiftsigned.
|
CWE-617
Reachable Assertion
|
CVE-2019-20056
|
2024-11-21 13:37 |
2019-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219483
|
6.5 |
MEDIUM
Network
|
liquidpixels
|
liquifire_os
|
LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2019-20055
|
2024-11-21 13:37 |
2019-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219484
|
5.5 |
MEDIUM
Local
|
upx_project
opensuse
|
upx
leap
backports
|
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-20053
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219485
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-20052
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219486
|
5.5 |
MEDIUM
Local
|
upx_project
fedoraproject
|
upx
fedora
|
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service.
|
CWE-682
Incorrect Calculation
|
CVE-2019-20051
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219487
|
5.5 |
MEDIUM
Local
|
linux
netapp
|
linux_kernel
cloud_backup
steelstore_cloud_integrated_storage
data_availability_services
solidfire_\&_hci_management_node
active_iq_unified_manager
solidfire_baseboard_managemen…
|
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-20054
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219488
|
9.8 |
CRITICAL
Network
|
al-enterprise
|
omnivista_4760
|
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload…
|
NVD-CWE-Other
|
CVE-2019-20049
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219489
|
7.2 |
HIGH
Network
|
al-enterprise
|
omnivista_8770
|
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-20048
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219490
|
7.5 |
HIGH
Network
|
al-enterprise
|
omnivista_4760
omnivista_8770
|
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-20047
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
