|
211681
|
9.8 |
CRITICAL
Network
|
gnu
netapp
mcafee
canonical
|
glibc
steelstore_cloud_integrated_storage
ontap_select_deploy_administration_utility
cloud_backup
web_gateway
ubuntu_linux
|
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9169
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211682
|
6.1 |
MEDIUM
Network
|
woocommerce
|
woocommerce
|
WooCommerce before 3.5.5 allows XSS via a Photoswipe caption.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9168
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211683
|
7.8 |
HIGH
Local
|
linux
netapp
canonical
|
linux_kernel
solidfire
hci_management_node
snapprotect
ubuntu_linux
cn1610_firmware
|
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and w…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9162
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211684
|
8.8 |
HIGH
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9152
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211685
|
8.8 |
HIGH
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called from H5D__compact_readvv in H5Dcompact.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9151
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211686
|
7.5 |
HIGH
Adjacent
|
jamf
|
self_service
|
Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacO…
|
NVD-CWE-noinfo
|
CVE-2019-9146
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211687
|
6.1 |
MEDIUM
Network
|
hsycms
|
hsycms
|
An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9145
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211688
|
8.8 |
HIGH
Network
|
exiv2
|
exiv2
|
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Deni…
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-9144
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211689
|
8.8 |
HIGH
Network
|
exiv2
|
exiv2
|
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause D…
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-9143
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211690
|
6.1 |
MEDIUM
Network
|
b3log
|
symphony
|
An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS exists via the userIntro and userNickname fields to processor/SettingsProcessor.java.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9142
|
2024-11-21 13:51 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
