|
211341
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9773
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211342
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-9772
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211343
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-9771
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211344
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9770
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211345
|
8.8 |
HIGH
Network
|
kartatopia
|
piluscart
|
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator.
|
CWE-352
Origin Validation Error
|
CVE-2019-9769
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211346
|
7.5 |
HIGH
Network
|
thinkst
|
canarytokens
|
Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document con…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2019-9768
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211347
|
7.8 |
HIGH
Local
|
cleanersoft
|
free_mp3_cd_ripper
|
Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wma file.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9767
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211348
|
7.8 |
HIGH
Local
|
cleanersoft
|
free_mp3_cd_ripper
|
Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .mp3 file.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9766
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211349
|
6.1 |
MEDIUM
Network
|
blog_mini_project
|
blog_mini
|
In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9765
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211350
|
9.8 |
CRITICAL
Network
|
phpshe
|
phpshe
|
A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication.
|
CWE-89
SQL Injection
|
CVE-2019-9762
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
