|
222501
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
|
CWE-416
Use After Free
|
CVE-2019-14777
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222502
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-14776
|
2024-11-21 13:27 |
2019-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222503
|
9.8 |
CRITICAL
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-14943
|
2024-11-21 13:27 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222504
|
4.7 |
MEDIUM
Local
|
comodo
|
antivirus
|
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifi…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2019-14694
|
2024-11-21 13:27 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222505
|
6.5 |
MEDIUM
Network
|
mikrotik
|
routeros
|
MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to re…
|
CWE-22
Path Traversal
|
CVE-2019-15055
|
2024-11-21 13:27 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222506
|
4.3 |
MEDIUM
Network
|
atlassian
|
universal_plugin_manager
|
The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers t…
|
CWE-352
Origin Validation Error
|
CVE-2019-14999
|
2024-11-21 13:27 |
2019-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222507
|
8.8 |
HIGH
Network
|
tp-link
|
tl-wr840n_firmware
|
The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field.
|
CWE-78
OS Command
|
CVE-2019-15060
|
2024-11-21 13:27 |
2019-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222508
|
7.5 |
HIGH
Network
|
nltk
|
nltk
|
NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during e…
|
CWE-22
Path Traversal
|
CVE-2019-14751
|
2024-11-21 13:27 |
2019-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222509
|
7.8 |
HIGH
Local
|
trendmicro
|
antivirus_\+_security_2019
internet_security_2019
maximum_security_2019
premium_security_2019
ransom_buster
|
A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2019-14686
|
2024-11-21 13:27 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222510
|
7.8 |
HIGH
Local
|
trendmicro
|
antivirus_\+_security_2019
internet_security_2019
maximum_security_2019
premium_security_2019
|
A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious ser…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2019-14685
|
2024-11-21 13:27 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
