|
213181
|
8.8 |
HIGH
Network
|
libsdl
debian
opensuse
fedoraproject
canonical
|
simple_directmedia_layer
debian_linux
leap
fedora
ubuntu_linux
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7574
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213182
|
8.8 |
HIGH
Network
|
libsdl
debian
opensuse
fedoraproject
canonical
|
simple_directmedia_layer
debian_linux
leap
fedora
ubuntu_linux
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7573
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213183
|
8.8 |
HIGH
Network
|
libsdl
debian
opensuse
canonical
fedoraproject
|
simple_directmedia_layer
debian_linux
leap
ubuntu_linux
fedora
|
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7572
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213184
|
6.5 |
MEDIUM
Network
|
pbootcms
|
pbootcms
|
A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI.
|
CWE-352
Origin Validation Error
|
CVE-2019-7570
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213185
|
8.8 |
HIGH
Network
|
wdoyo
|
doyo
|
An issue was discovered in DOYO (aka doyocms) 2.3(20140425 update). There is a CSRF vulnerability that can add a super administrator account via admin.php?c=a_adminuser&a=add&run=1.
|
CWE-352
Origin Validation Error
|
CVE-2019-7569
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213186
|
9.8 |
CRITICAL
Network
|
baijiacms_project
|
baijiacms
|
An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request.
|
CWE-89
SQL Injection
|
CVE-2019-7568
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213187
|
6.1 |
MEDIUM
Network
|
bijiadao
|
waimai_super_cms
|
An issue was discovered in Waimai Super Cms 20150505. admin.php?m=Member&a=adminaddsave has XSS via the username or password parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7567
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213188
|
8.8 |
HIGH
Network
|
cszcms
|
csz_cms
|
CSZ CMS 1.1.8 has CSRF via admin/users/new/add.
|
CWE-352
Origin Validation Error
|
CVE-2019-7566
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213189
|
5.5 |
MEDIUM
Local
|
boolector_project
|
boolector
|
In parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted input file leads to a use after free in get_failed_assumptions or btor_delete.
|
CWE-416
Use After Free
|
CVE-2019-7560
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213190
|
5.5 |
MEDIUM
Local
|
btor2tools_project
|
btor2tools
|
In btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15, opening a specially crafted input file leads to an out of bounds write in pusht_bfr.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-7559
|
2024-11-21 13:48 |
2019-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
