|
223481
|
9.8 |
CRITICAL
Network
|
deltaww
|
devicenet_builder
|
Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-12898
|
2024-11-21 13:23 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223482
|
7.5 |
HIGH
Network
|
edrawsoft
|
edraw_max
|
Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer after a call from ObjectModule!Paint::Clear+0x0000000000000074.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-12897
|
2024-11-21 13:23 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223483
|
7.5 |
HIGH
Network
|
edrawsoft
|
edraw_max
|
Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a77.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-12896
|
2024-11-21 13:23 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223484
|
7.5 |
HIGH
Network
|
alternate-tools
|
alternate_pic_view
|
In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-12895
|
2024-11-21 13:23 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223485
|
7.5 |
HIGH
Network
|
alternate-tools
|
alternate_pic_view
|
Alternate Pic View 2.600 has a Read Access Violation at the Instruction Pointer after a call from PicViewer!PerfgrapFinalize+0x00000000000a9a1b.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-12894
|
2024-11-21 13:23 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223486
|
7.5 |
HIGH
Network
|
alternate-tools
|
alternate_pic_view
|
Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewer!PerfgrapFinalize+0x00000000000a8868.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-12893
|
2024-11-21 13:23 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223487
|
9.8 |
CRITICAL
Network
|
redwoodhq
|
redwoodhq
|
RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote attackers to create admin users via a con.automationframework users insert_one call.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-12890
|
2024-11-21 13:23 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223488
|
5.9 |
MEDIUM
Network
|
fasterxml
debian
|
jackson-databind
debian_linux
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON e…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-12814
|
2024-11-21 13:23 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223489
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) o…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-12881
|
2024-11-21 13:23 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223490
|
6.1 |
MEDIUM
Network
|
evernote
|
web_clipper
|
A universal Cross-site scripting (UXSS) vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any …
|
CWE-79
Cross-site Scripting
|
CVE-2019-12592
|
2024-11-21 13:23 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
