|
211161
|
7.5 |
HIGH
Network
|
airmore
|
airmore
|
The AirMore application through 1.6.1 for Android allows remote attackers to cause a denial of service (system hang) via many simultaneous /?Key=PhoneRequestAuthorization requests.
|
NVD-CWE-noinfo
|
CVE-2019-9831
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211162
|
6.1 |
MEDIUM
Network
|
netdata
|
netdata
|
The Netdata web application through 1.13.0 allows remote attackers to inject their own malicious HTML code into an imported snapshot, aka HTML Injection. Successful exploitation will allow attacker-s…
|
CWE-79
Cross-site Scripting
|
CVE-2019-9834
|
2024-11-21 13:52 |
2019-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211163
|
8.8 |
HIGH
Network
|
maccms
|
maccms
|
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation o…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2019-9829
|
2024-11-21 13:52 |
2019-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211164
|
9.8 |
CRITICAL
Network
|
feifeicms
|
feifeicms
|
FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-9825
|
2024-11-21 13:52 |
2019-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211165
|
8.8 |
HIGH
Network
|
wordpress
|
wordpress
|
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandle…
|
CWE-352
Origin Validation Error
|
CVE-2019-9787
|
2024-11-21 13:52 |
2019-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211166
|
7.8 |
HIGH
Local
|
gitnoteapp
|
gitnote
|
gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as demonstrated by a javascript:window.parent.top.require('child_process').execFile substring in the onerr…
|
CWE-78
OS Command
|
CVE-2019-9785
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211167
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-9779
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211168
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9778
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211169
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9777
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211170
|
7.5 |
HIGH
Network
|
gnu
opensuse
|
libredwg
leap
backports_sle
|
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-9776
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
