|
222981
|
7.5 |
HIGH
Network
|
digium
|
asterisk
|
main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario.
|
CWE-20
Improper Input Validation
|
CVE-2019-15639
|
2024-11-21 13:29 |
2019-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222982
|
9.8 |
CRITICAL
Network
|
airbrake
|
airbrake_ruby
|
The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 (also, 4.2.2 an…
|
NVD-CWE-noinfo
|
CVE-2019-16060
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222983
|
8.8 |
HIGH
Network
|
sapplica
|
sentrifugo
|
Sentrifugo 3.2 lacks CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code at index.php/dashboard/viewprofile via a crafted HTML page.
|
CWE-352
Origin Validation Error
|
CVE-2019-16059
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222984
|
7.5 |
HIGH
Network
|
opensc_project
|
opensc
|
An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-16058
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222985
|
7.5 |
HIGH
Network
|
python
fedoraproject
debian
canonical
redhat
oracle
opensuse
|
python
fedora
debian_linux
ubuntu_linux
software_collections
solaris
peoplesoft_enterprise_peopletools
communications_operations_monitor
zfs_storage_appliance_kit
leap
|
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. …
|
NVD-CWE-noinfo
|
CVE-2019-16056
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222986
|
7.5 |
HIGH
Network
|
libslirp_project
qemu
|
libslirp
qemu
|
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
|
CWE-416
Use After Free
|
CVE-2019-15890
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222987
|
9.8 |
CRITICAL
Network
|
exim
debian
|
exim
debian_linux
|
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
|
NVD-CWE-noinfo
|
CVE-2019-15846
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222988
|
5.3 |
MEDIUM
Network
|
valvesoftware
|
counter-strike\
|
In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message.
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2019-15944
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222989
|
6.1 |
MEDIUM
Network
|
jetbrains
|
teamcity
|
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-…
|
CWE-79
Cross-site Scripting
|
CVE-2019-15848
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222990
|
6.5 |
MEDIUM
Network
|
totaljs
|
total.js_cms
|
An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple transformation of a cookie to obtain the random values inside it. If an attacker can discover a session cooki…
|
CWE-327
CWE-330
Use of a Broken or Risky Cryptographic Algorithm
Use of Insufficiently Random Values
|
CVE-2019-15955
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
