|
222051
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-17454
|
2024-11-21 13:32 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222052
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt …
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-17453
|
2024-11-21 13:32 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222053
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dum…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-17452
|
2024-11-21 13:32 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222054
|
6.5 |
MEDIUM
Network
|
gnu
opensuse
canonical
|
binutils
leap
ubuntu_linux
|
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-17451
|
2024-11-21 13:32 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222055
|
6.5 |
MEDIUM
Network
|
gnu
opensuse
canonical
|
binutils
leap
ubuntu_linux
|
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recurs…
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-17450
|
2024-11-21 13:32 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222056
|
6.7 |
MEDIUM
Local
|
avira
|
software_updater
|
Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privi…
|
CWE-426
Untrusted Search Path
|
CVE-2019-17449
|
2024-11-21 13:32 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222057
|
9.8 |
CRITICAL
Network
|
netsarang
|
xftp
|
NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads …
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-17320
|
2024-11-21 13:32 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222058
|
5.4 |
MEDIUM
Network
|
lavalite
|
lavalite
|
LavaLite through 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen.
|
CWE-79
Cross-site Scripting
|
CVE-2019-17434
|
2024-11-21 13:32 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222059
|
4.8 |
MEDIUM
Network
|
laravel-admin
|
laravel-admin
|
z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen.
|
CWE-79
Cross-site Scripting
|
CVE-2019-17433
|
2024-11-21 13:32 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222060
|
6.5 |
MEDIUM
Network
|
fastadmin
|
fastadmin
|
An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a public/admin/general.config/edit CSRF vulnerability, as demonstrated by resultant XSS via the row[name] parameter.
|
CWE-352
CWE-79
Origin Validation Error
Cross-site Scripting
|
CVE-2019-17432
|
2024-11-21 13:32 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
