|
223031
|
7.8 |
HIGH
Local
|
artifex
redhat
opensuse
fedoraproject
debian
|
ghostscript
openshift_container_platform
leap
fedora
debian_linux
|
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrict…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14817
|
2024-11-21 13:27 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223032
|
7.8 |
HIGH
Local
|
artifex
redhat
fedoraproject
opensuse
debian
|
ghostscript
openshift_container_platform
fedora
leap
debian_linux
|
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restriction…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14811
|
2024-11-21 13:27 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223033
|
7.5 |
HIGH
Network
|
grafana
|
grafana
|
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-15043
|
2024-11-21 13:27 |
2019-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223034
|
7.5 |
HIGH
Network
|
memcached
|
memcached
|
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-15026
|
2024-11-21 13:27 |
2019-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223035
|
5.3 |
MEDIUM
Network
|
woocommerce
|
payu_india_payment_gateway
|
/payu/icpcheckout/ in the WooCommerce PayU India Payment Gateway plugin 2.1.1 for WordPress allows Parameter Tampering in the purchaseQuantity=1 parameter, as demonstrated by purchasing an item for l…
|
CWE-20
Improper Input Validation
|
CVE-2019-14978
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223036
|
5.3 |
MEDIUM
Network
|
woocommerce
|
paypal_checkout_payment_gateway
|
cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purcha…
|
CWE-20
Improper Input Validation
|
CVE-2019-14979
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223037
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-14970
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223038
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
|
CWE-416
Use After Free
|
CVE-2019-14778
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223039
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
|
CWE-416
Use After Free
|
CVE-2019-14777
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223040
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-14776
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
