|
214851
|
9.8 |
CRITICAL
Network
|
putty
fedoraproject
|
putty
fedora
|
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-9895
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214852
|
7.5 |
HIGH
Network
|
putty
fedoraproject
debian
netapp
opensuse
|
putty
fedora
debian_linux
oncommand_unified_manager
leap
|
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
|
CWE-320
Key Management Errors
|
CVE-2019-9894
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214853
|
9.8 |
CRITICAL
Network
|
libseccomp_project
|
libseccomp
|
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and poten…
|
NVD-CWE-noinfo
|
CVE-2019-9893
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214854
|
2.7 |
LOW
Network
|
vanillaforums
|
vanilla
|
In Vanilla before 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal wit…
|
CWE-22
Path Traversal
|
CVE-2019-9889
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214855
|
7.8 |
HIGH
Local
|
pdfalto_project
xpdfreader
|
pdfalto
xpdf
|
There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a c…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9878
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214856
|
7.8 |
HIGH
Local
|
xpdfreader
|
xpdf
|
There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2019-9877
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214857
|
9.8 |
CRITICAL
Network
|
oembed_project
|
oembed
|
plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements.
|
CWE-19
Data Processing Errors
|
CVE-2019-9870
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214858
|
7.2 |
HIGH
Network
|
veritas
|
netbackup_appliance
|
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9868
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214859
|
7.2 |
HIGH
Network
|
veritas
|
netbackup_appliance
|
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-9867
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214860
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark()…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-9857
|
2024-11-21 13:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
