|
218741
|
8.8 |
HIGH
Network
|
usualtool
|
usualtoolcms
|
An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a…
|
CWE-352
Origin Validation Error
|
CVE-2019-6244
|
2024-11-21 13:46 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218742
|
6.1 |
MEDIUM
Network
|
frog_cms_project
|
frog_cms
|
Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin/?/login/forgot URI).
|
CWE-79
Cross-site Scripting
|
CVE-2019-6243
|
2024-11-21 13:46 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218743
|
7.5 |
HIGH
Network
|
mz-automation
|
libiec61850
|
An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_map…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-6138
|
2024-11-21 13:46 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218744
|
7.5 |
HIGH
Network
|
mz-automation
|
lib60870
|
An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-6137
|
2024-11-21 13:46 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218745
|
7.5 |
HIGH
Network
|
mz-automation
|
libiec61850
|
An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c.
|
NVD-CWE-noinfo
|
CVE-2019-6136
|
2024-11-21 13:46 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218746
|
7.5 |
HIGH
Network
|
mz-automation
|
libiec61850
|
An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonst…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-6135
|
2024-11-21 13:46 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218747
|
7.5 |
HIGH
Network
|
axiosys
|
bento4
|
An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4_EsdsAtom class in C…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-6132
|
2024-11-21 13:46 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218748
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-6131
|
2024-11-21 13:46 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218749
|
9.8 |
CRITICAL
Network
|
live555
debian
|
live555_media_server
debian_linux
|
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-6256
|
2024-11-21 13:46 |
2019-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218750
|
8.8 |
HIGH
Network
|
zeromq
debian
|
libzmq
debian_linux
|
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticate…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-6250
|
2024-11-21 13:46 |
2019-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
