|
225601
|
9.8 |
CRITICAL
Network
|
wp-pdf
|
pdf_embedder
|
The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF…
|
CWE-436
Interpretation Conflict
|
CVE-2019-19589
|
2024-11-21 13:35 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225602
|
7.5 |
HIGH
Network
|
validators_project
|
validators
|
The validators package 0.12.2 through 0.12.5 for Python enters an infinite loop when validators.domain is called with a crafted domain string. This is fixed in 0.12.6.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-19588
|
2024-11-21 13:35 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225603
|
6.1 |
MEDIUM
Network
|
wso2
|
enterprise_integrator
|
In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updating the message processor configuration from the source view in the Management Console.
|
CWE-79
Cross-site Scripting
|
CVE-2019-19587
|
2024-11-21 13:35 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225604
|
5.4 |
MEDIUM
Network
|
microsoft
|
sharepoint_enterprise_server
|
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office S…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1070
|
2024-11-21 13:35 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225605
|
8.8 |
HIGH
Network
|
microsoft
|
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_rt_8.1
windows_server_2019
|
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.
|
CWE-611
XXE
|
CVE-2019-1060
|
2024-11-21 13:35 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225606
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_7
windows_rt_8.1
windows_server_2019
|
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain informa…
|
CWE-200
Information Exposure
|
CVE-2019-1078
|
2024-11-21 13:35 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225607
|
7.5 |
HIGH
Network
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_7
windows_rt_8.1
windows_server_2019
|
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code …
|
CWE-611
XXE
|
CVE-2019-1057
|
2024-11-21 13:35 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225608
|
4.3 |
MEDIUM
Network
|
microsoft
|
edge
|
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain infor…
|
CWE-200
Information Exposure
|
CVE-2019-1030
|
2024-11-21 13:35 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225609
|
7.5 |
HIGH
Network
|
microsoft
|
chakracore
edge
|
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Th…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1092
|
2024-11-21 13:35 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225610
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'.
|
CWE-200
Information Exposure
|
CVE-2019-1091
|
2024-11-21 13:35 |
2019-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
