|
220171
|
9.8 |
CRITICAL
Network
|
taogogo
|
taocms
|
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
|
CWE-94
Code Injection
|
CVE-2019-7720
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220172
|
9.8 |
CRITICAL
Network
|
nibbleblog
|
nibbleblog
|
Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request.
|
CWE-94
Code Injection
|
CVE-2019-7719
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220173
|
8.1 |
HIGH
Network
|
metinfo
|
metinfo
|
An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogets…
|
CWE-362
Race Condition
|
CVE-2019-7718
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220174
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-7704
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220175
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a …
|
CWE-416
Use After Free
|
CVE-2019-7703
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220176
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to de…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-7702
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220177
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A heap-based buffer over-read was discovered in wasm::SExpressionParser::skipWhitespace() in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to den…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7701
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220178
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-se…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7700
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220179
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7699
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220180
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-7698
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
