|
223261
|
6.1 |
MEDIUM
Network
|
zyxel
|
uag2100_firmware
uag4100_firmware
uag5100_firmware
usg110_firmware
usg210_firmware
usg310_firmware
usg1100_firmware
usg1900_firmware
usg2200-vpn_firmware
|
A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2019-12581
|
2024-11-21 13:23 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223262
|
8.1 |
HIGH
Network
|
keyidentity
|
linotp
|
KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2).
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2019-12887
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223263
|
9.1 |
CRITICAL
Network
|
zyxel
|
uag2100_firmware
uag4100_firmware
uag5100_firmware
usg110_firmware
usg210_firmware
usg310_firmware
usg1100_firmware
usg1900_firmware
usg2200-vpn_firmware
zywall_vpn100_firm…
|
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator. This…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-12583
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223264
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-12984
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223265
|
6.5 |
MEDIUM
Network
|
libming
|
libming
|
Ming (aka libming) 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-12982
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223266
|
8.8 |
HIGH
Network
|
libming
|
libming
|
Ming (aka libming) 0.4.8 has an "fill overflow" vulnerability in the function SWFShape_setLeftFillStyle in blocks/shape.c.
|
CWE-20
Improper Input Validation
|
CVE-2019-12981
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223267
|
6.5 |
MEDIUM
Network
|
libming
|
libming
|
In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerabili…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-12980
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223268
|
7.8 |
HIGH
Local
|
imagemagick
debian
canonical
opensuse
|
imagemagick
debian_linux
ubuntu_linux
leap
|
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
|
CWE-665
Improper Initialization
|
CVE-2019-12979
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223269
|
7.8 |
HIGH
Local
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.
|
CWE-665
Improper Initialization
|
CVE-2019-12978
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223270
|
7.8 |
HIGH
Local
|
imagemagick
|
imagemagick
|
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.
|
CWE-665
Improper Initialization
|
CVE-2019-12977
|
2024-11-21 13:23 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
