|
221601
|
7.5 |
HIGH
Network
|
al-enterprise
|
omnivista_4760
omnivista_8770
|
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-20047
|
2024-11-21 13:37 |
2019-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221602
|
4.3 |
MEDIUM
Network
|
wordpress
debian
|
wordpress
debian_linux
|
In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or…
|
CWE-269
Improper Privilege Management
|
CVE-2019-20043
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221603
|
6.1 |
MEDIUM
Network
|
wordpress
debian
|
wordpress
debian_linux
|
In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has b…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20042
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221604
|
9.8 |
CRITICAL
Network
|
wordpress
debian
|
wordpress
debian_linux
|
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colo…
|
CWE-20
Improper Input Validation
|
CVE-2019-20041
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221605
|
5.5 |
MEDIUM
Local
|
upx_project
fedoraproject
|
upx
fedora
|
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20021
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221606
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20020
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221607
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-20019
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221608
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20018
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221609
|
6.5 |
MEDIUM
Network
|
matio_project
|
matio
|
A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20017
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221610
|
6.5 |
MEDIUM
Network
|
symonics
|
libmysofa
|
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead i…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20016
|
2024-11-21 13:37 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
