|
213171
|
9.8 |
CRITICAL
Network
|
bo-blog
|
bw
|
Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function.
|
CWE-89
SQL Injection
|
CVE-2019-7587
|
2024-11-21 13:48 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213172
|
9.8 |
CRITICAL
Network
|
bijiadao
|
waimai_super_cms
|
An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/PublicAction.class.php allows time-based SQL Injection via the param array parameter to the /index.php?m=public&a=checkemail URI.
|
CWE-89
SQL Injection
|
CVE-2019-7585
|
2024-11-21 13:48 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213173
|
8.8 |
HIGH
Network
|
libming
|
libming
|
The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-7582
|
2024-11-21 13:48 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213174
|
8.8 |
HIGH
Network
|
libming
|
libming
|
The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a dif…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-7581
|
2024-11-21 13:48 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213175
|
8.8 |
HIGH
Network
|
thinkcmf
|
thinkcmf
|
ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/co…
|
CWE-94
Code Injection
|
CVE-2019-7580
|
2024-11-21 13:48 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213176
|
5.3 |
MEDIUM
Network
|
gurock
|
testrail
|
index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technolo…
|
CWE-200
Information Exposure
|
CVE-2019-7535
|
2024-11-21 13:48 |
2019-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213177
|
8.1 |
HIGH
Network
|
libsdl
opensuse
debian
fedoraproject
canonical
|
simple_directmedia_layer
leap
debian_linux
fedora
ubuntu_linux
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7578
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213178
|
8.8 |
HIGH
Network
|
libsdl
opensuse
debian
fedoraproject
canonical
|
simple_directmedia_layer
leap
debian_linux
fedora
ubuntu_linux
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7577
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213179
|
8.8 |
HIGH
Network
|
libsdl
debian
opensuse
fedoraproject
canonical
|
simple_directmedia_layer
debian_linux
leap
fedora
ubuntu_linux
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7576
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213180
|
8.8 |
HIGH
Network
|
libsdl
debian
opensuse
fedoraproject
canonical
|
simple_directmedia_layer
debian_linux
leap
fedora
ubuntu_linux
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-7575
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
