|
222631
|
9.8 |
CRITICAL
Network
|
slice-deque_project
|
slice-deque
|
An issue was discovered in the slice-deque crate before 0.2.0 for Rust. There is memory corruption in certain allocation cases.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-15543
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222632
|
7.5 |
HIGH
Network
|
ammonia_project
|
ammonia
|
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization.
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-15542
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222633
|
9.8 |
CRITICAL
Network
|
xayr
|
xenfcoresharp
|
XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php.
|
CWE-89
SQL Injection
|
CVE-2019-15533
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222634
|
6.5 |
MEDIUM
Network
|
discourse
|
discourse
|
Discourse 2.3.2 sends the CSRF token in the query string.
|
CWE-352
Origin Validation Error
|
CVE-2019-15515
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222635
|
9.8 |
CRITICAL
Network
|
altavoz
|
prontuscms
|
cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS com…
|
CWE-78
OS Command
|
CVE-2019-15503
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222636
|
7.5 |
HIGH
Network
|
asn1_der_project
|
asn1_der
|
An issue was discovered in the asn1_der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-15549
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222637
|
7.5 |
HIGH
Network
|
memoffset_project
|
memoffset
|
An issue was discovered in the memoffset crate before 0.5.0 for Rust. offset_of and span_of can cause exposure of uninitialized memory.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-15553
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222638
|
9.8 |
CRITICAL
Network
|
libflate_project
|
libflate
|
An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution.
|
CWE-416
Use After Free
|
CVE-2019-15552
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222639
|
9.8 |
CRITICAL
Network
|
servo
|
smallvec
|
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity.
|
CWE-415
Double Free
|
CVE-2019-15551
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222640
|
7.5 |
HIGH
Network
|
simdjson_project
|
simdjson
|
An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-15550
|
2024-11-21 13:28 |
2019-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
