|
211151
|
7.8 |
HIGH
Local
|
pdfalto_project
xpdfreader
|
pdfalto
xpdf
|
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a c…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9878
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211152
|
7.8 |
HIGH
Local
|
xpdfreader
|
xpdf
|
There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2019-9877
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211153
|
9.8 |
CRITICAL
Network
|
oembed_project
|
oembed
|
plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements.
|
CWE-19
Data Processing Errors
|
CVE-2019-9870
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211154
|
7.2 |
HIGH
Network
|
veritas
|
netbackup_appliance
|
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9868
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211155
|
7.2 |
HIGH
Network
|
veritas
|
netbackup_appliance
|
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9867
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211156
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark()…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-9857
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211157
|
6.1 |
MEDIUM
Network
|
openid
|
openid_connect
|
Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that result…
|
CWE-601
Open Redirect
|
CVE-2019-9837
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211158
|
9.6 |
CRITICAL
Adjacent
|
fujitsu
|
lx901_firmware
gk900_firmware
|
The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legiti…
|
NVD-CWE-noinfo
|
CVE-2019-9835
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211159
|
7.5 |
HIGH
Network
|
screen_stream_project
|
screen_stream
|
The Screen Stream application through 3.0.15 for Android allows remote attackers to cause a denial of service via many simultaneous /start-stop requests.
|
NVD-CWE-noinfo
|
CVE-2019-9833
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211160
|
7.5 |
HIGH
Network
|
airdrop_project
|
airdrop
|
The AirDrop application through 2.0 for Android allows remote attackers to cause a denial of service via a client that makes many socket connections through a configured port.
|
NVD-CWE-noinfo
|
CVE-2019-9832
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
