|
221901
|
5.4 |
MEDIUM
Network
|
scoutnet
|
kalender
|
The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19198
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221902
|
9.1 |
CRITICAL
Network
|
squiz
|
matrix
|
An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5…
|
CWE-22
Path Traversal
|
CVE-2019-19374
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221903
|
7.5 |
HIGH
Network
|
squiz
|
matrix
|
An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-19373
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221904
|
7.5 |
HIGH
Network
|
xen
fedoraproject
opensuse
debian
|
xen
fedora
leap
debian_linux
|
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260…
|
NVD-CWE-noinfo
|
CVE-2019-19583
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221905
|
6.5 |
MEDIUM
Local
|
xen
fedoraproject
|
xen
fedora
|
An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled. In a number of places bitmaps are b…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-19582
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221906
|
6.5 |
MEDIUM
Local
|
xen
fedoraproject
|
xen
fedora
|
An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. In a number of places…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-19581
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221907
|
6.6 |
MEDIUM
Network
|
xen
fedoraproject
|
xen
fedora
|
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an inc…
|
CWE-362
Race Condition
|
CVE-2019-19580
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221908
|
8.8 |
HIGH
Local
|
xen
fedoraproject
|
xen
fedora
|
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "…
|
CWE-682
Incorrect Calculation
|
CVE-2019-19578
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221909
|
7.2 |
HIGH
Physics
|
xen
fedoraproject
|
xen
fedora
|
An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height …
|
CWE-401
CWE-662
Missing Release of Memory after Effective Lifetime
Improper Synchronization
|
CVE-2019-19577
|
2024-11-21 13:34 |
2019-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221910
|
5.3 |
MEDIUM
Network
|
last.fm
|
last.fm_desktop
|
The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS makes HTTP requests that include an API key without the use of SSL/TLS. Although there is an Enable SSL option, it is disabled by d…
|
CWE-1188
CWE-319
Insecure Default Initialization of Resource
Cleartext Transmission of Sensitive Information
|
CVE-2019-19251
|
2024-11-21 13:34 |
2019-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
