|
221531
|
7.1 |
HIGH
Local
|
openbsd
|
libressl
|
LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
|
CWE-125
Out-of-bounds Read
|
CVE-2019-25049
|
2024-11-21 13:39 |
2021-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221532
|
7.1 |
HIGH
Local
|
openbsd
|
libressl
|
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
|
CWE-125
Out-of-bounds Read
|
CVE-2019-25048
|
2024-11-21 13:39 |
2021-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221533
|
6.1 |
MEDIUM
Network
|
greenbone
|
greenbone_security_assistant
greenbone_os
|
Greenbone Security Assistant (GSA) before 8.0.2 and Greenbone OS (GOS) before 5.0.10 allow XSS during 404 URL handling in gsad.
|
CWE-79
Cross-site Scripting
|
CVE-2019-25047
|
2024-11-21 13:39 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221534
|
6.1 |
MEDIUM
Network
|
cerberusftp
|
ftp_server
|
The Web Client in Cerberus FTP Server Enterprise before 10.0.19 and 11.x before 11.0.4 allows XSS via an SVG document.
|
CWE-79
Cross-site Scripting
|
CVE-2019-25046
|
2024-11-21 13:39 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221535
|
7.8 |
HIGH
Local
|
linux
netapp
|
linux_kernel
solidfire_baseboard_management_controller_firmware
cloud_backup
solidfire_\&_hci_management_node
h500s_firmware
h700s_firmware
h300e_firmware
h500e_firmware
h…
|
An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.
|
CWE-416
Use After Free
|
CVE-2019-25045
|
2024-11-21 13:39 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221536
|
5.5 |
MEDIUM
Local
|
versa-networks
|
versa_director
versa_analytics
versa_operating_system
|
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-25030
|
2024-11-21 13:39 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221537
|
9.8 |
CRITICAL
Network
|
versa-networks
|
versa_director
|
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are pos…
|
CWE-77
Command Injection
|
CVE-2019-25029
|
2024-11-21 13:39 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221538
|
7.8 |
HIGH
Local
|
linux
netapp
|
linux_kernel
cloud_backup
solidfire_\&_hci_management_node
solidfire_baseboard_management_controller_firmware
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h…
|
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related…
|
CWE-416
Use After Free
|
CVE-2019-25044
|
2024-11-21 13:39 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221539
|
5.3 |
MEDIUM
Network
|
trustwave
|
modsecurity
|
ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-25043
|
2024-11-21 13:39 |
2021-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221540
|
9.8 |
CRITICAL
Network
|
nlnetlabs
debian
|
unbound
debian_linux
|
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-25042
|
2024-11-21 13:39 |
2021-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
