|
224271
|
6.5 |
MEDIUM
Network
|
exiv2
fedoraproject
|
exiv2
fedora
|
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-13109
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224272
|
6.5 |
MEDIUM
Network
|
exiv2
fedoraproject
|
exiv2
fedora
|
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffse…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-13108
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224273
|
9.8 |
CRITICAL
Network
|
matio_project
fedoraproject
|
matio
fedora
|
Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-13107
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224274
|
9.8 |
CRITICAL
Network
|
cszcms
|
csz_cms
|
core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter.
|
CWE-89
SQL Injection
|
CVE-2019-13086
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224275
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000030ecfa.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13085
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224276
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000026b739.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13084
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224277
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000384e2a.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-13083
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224278
|
9.8 |
CRITICAL
Network
|
chamilo
|
chamilo_lms
|
Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extra…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-13082
|
2024-11-21 13:24 |
2019-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224279
|
5.3 |
MEDIUM
Network
|
torproject
|
tor_browser
|
Tor Browser through 8.5.3 has an information exposure vulnerability. It allows remote attackers to detect the browser's language via vectors involving an IFRAME element, because text in that language…
|
CWE-200
Information Exposure
|
CVE-2019-13075
|
2024-11-21 13:24 |
2019-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224280
|
5.4 |
MEDIUM
Network
|
zoneminder
|
zoneminder
|
Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page.
|
CWE-79
Cross-site Scripting
|
CVE-2019-13072
|
2024-11-21 13:24 |
2019-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
