|
220891
|
9.8 |
CRITICAL
Network
|
zoneminder
|
zoneminder
|
A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a lon…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6991
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220892
|
5.4 |
MEDIUM
Network
|
zoneminder
|
zoneminder
|
A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to th…
|
CWE-79
Cross-site Scripting
|
CVE-2019-6990
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220893
|
6.5 |
MEDIUM
Network
|
uclouvain
|
openjpeg
|
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-6988
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220894
|
7.5 |
HIGH
Network
|
duraspace
|
vitro
|
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafte…
|
CWE-77
CWE-400
Command Injection
Uncontrolled Resource Consumption
|
CVE-2019-6986
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220895
|
8.8 |
HIGH
Network
|
foxitsoftware
|
3d
|
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Read in Indexing or a Heap Overflow and crash duri…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6985
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220896
|
6.5 |
MEDIUM
Network
|
foxitsoftware
|
3d
|
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter a Use-After-Free or Type Confusion and crash during handling of cer…
|
CWE-416
CWE-843
Use After Free
Type Confusion
|
CVE-2019-6984
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220897
|
6.5 |
MEDIUM
Network
|
foxitsoftware
|
3d
|
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Integer Overflow and crash during the handling of certain PDF fi…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-6983
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220898
|
5.5 |
MEDIUM
Local
|
foxitsoftware
|
3d
|
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Write and crash during the handling of certain PDF…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6982
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220899
|
6.1 |
MEDIUM
Network
|
ip_history_logs_project
|
ip_history_logs
|
An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6979
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220900
|
9.8 |
CRITICAL
Network
|
libgd
debian
canonical
|
libgd
debian_linux
ubuntu_linux
|
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
|
CWE-415
Double Free
|
CVE-2019-6978
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
