|
222231
|
7.5 |
HIGH
Network
|
opensc_project
|
opensc
|
An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-16058
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222232
|
7.5 |
HIGH
Network
|
python
fedoraproject
debian
canonical
redhat
oracle
opensuse
|
python
fedora
debian_linux
ubuntu_linux
software_collections
solaris
peoplesoft_enterprise_peopletools
communications_operations_monitor
zfs_storage_appliance_kit
leap
|
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. …
|
NVD-CWE-noinfo
|
CVE-2019-16056
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222233
|
7.5 |
HIGH
Network
|
libslirp_project
qemu
|
libslirp
qemu
|
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
|
CWE-416
Use After Free
|
CVE-2019-15890
|
2024-11-21 13:29 |
2019-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222234
|
9.8 |
CRITICAL
Network
|
exim
debian
|
exim
debian_linux
|
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
|
NVD-CWE-noinfo
|
CVE-2019-15846
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222235
|
5.3 |
MEDIUM
Network
|
valvesoftware
|
counter-strike\
|
In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message.
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2019-15944
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222236
|
6.1 |
MEDIUM
Network
|
jetbrains
|
teamcity
|
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-…
|
CWE-79
Cross-site Scripting
|
CVE-2019-15848
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222237
|
6.5 |
MEDIUM
Network
|
totaljs
|
total.js_cms
|
An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple transformation of a cookie to obtain the random values inside it. If an attacker can discover a session cooki…
|
CWE-327
CWE-330
Use of a Broken or Risky Cryptographic Algorithm
Use of Insufficiently Random Values
|
CVE-2019-15955
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222238
|
8.8 |
HIGH
Network
|
totaljs
|
total.js_cms
|
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with limited privileges can get access to a resource that they do not own by calling the associated API. The product correctly ma…
|
CWE-862
Missing Authorization
|
CVE-2019-15953
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222239
|
9.9 |
CRITICAL
Network
|
totaljs
|
total.js_cms
|
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the widgets privilege can gain achieve Remote Command Execution (RCE) on the remote server by creating a malicious widget wi…
|
CWE-862
Missing Authorization
|
CVE-2019-15954
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222240
|
8.8 |
HIGH
Network
|
totaljs
|
total.js_cms
|
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack (../) to include .html files that are outside the permitted director…
|
CWE-22
Path Traversal
|
CVE-2019-15952
|
2024-11-21 13:29 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
