|
211141
|
9.8 |
CRITICAL
Network
|
debian
canonical
opensuse
fedoraproject
libreoffice
|
debian_linux
ubuntu_linux
leap
fedora
libreoffice
|
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice…
|
CWE-20
Improper Input Validation
|
CVE-2019-9850
|
2024-11-21 13:52 |
2019-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211142
|
9.8 |
CRITICAL
Network
|
eclass
|
eclass_ip
|
eClass platform < ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenview_left.php StudentID parameter.
|
CWE-89
SQL Injection
|
CVE-2019-9885
|
2024-11-21 13:52 |
2019-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211143
|
9.8 |
CRITICAL
Network
|
eclass
|
eclass_ip
|
eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page.
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-9884
|
2024-11-21 13:52 |
2019-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211144
|
8.1 |
HIGH
Network
|
mozilla
|
firefox
|
A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox < 67.
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2019-9821
|
2024-11-21 13:52 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211145
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox_esr
firefox
thunderbird
|
A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.…
|
CWE-416
Use After Free
|
CVE-2019-9820
|
2024-11-21 13:52 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211146
|
9.8 |
CRITICAL
Network
|
mozilla
|
thunderbird
firefox_esr
firefox
|
A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefo…
|
CWE-843
Type Confusion
|
CVE-2019-9819
|
2024-11-21 13:52 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211147
|
8.3 |
HIGH
Network
|
mozilla
|
firefox
firefox_esr
thunderbird
|
A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploi…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2019-9818
|
2024-11-21 13:52 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211148
|
5.3 |
MEDIUM
Network
|
mozilla
|
thunderbird
firefox_esr
firefox
|
Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerabi…
|
CWE-346
Origin Validation Error
|
CVE-2019-9817
|
2024-11-21 13:52 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211149
|
5.9 |
MEDIUM
Network
|
mozilla
|
thunderbird
firefox_esr
firefox
|
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vu…
|
CWE-843
Type Confusion
|
CVE-2019-9816
|
2024-11-21 13:52 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211150
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
|
Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9814
|
2024-11-21 13:52 |
2019-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
