|
223441
|
9.8 |
CRITICAL
Network
|
codesys
|
control_for_empc-a\/imx6
control_for_iot2000
control_for_linux
control_for_plcnext
control_for_pfc100
control_for_pfc200
remote_target_visu_toolkit
hmi
embedded_target_visu_to…
|
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-18858
|
2024-11-21 13:33 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223442
|
7.3 |
HIGH
Network
|
nlnetlabs
fedoraproject
opensuse
|
unbound
fedora
leap
|
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was…
|
CWE-78
OS Command
|
CVE-2019-18934
|
2024-11-21 13:33 |
2019-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223443
|
5.6 |
MEDIUM
Physics
|
symantec
|
norton_app_lock
|
Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking other apps o…
|
NVD-CWE-noinfo
|
CVE-2019-18373
|
2024-11-21 13:33 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223444
|
9.8 |
CRITICAL
Network
|
oniguruma_project
debian
fedoraproject
redhat
|
oniguruma
debian_linux
fedora
enterprise_linux
|
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker…
|
CWE-125
CWE-190
Out-of-bounds Read
Integer Overflow or Wraparound
|
CVE-2019-19012
|
2024-11-21 13:33 |
2019-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223445
|
7.5 |
HIGH
Network
|
miniupnp_project
|
ngiflib
|
MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-19011
|
2024-11-21 13:33 |
2019-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223446
|
9.8 |
CRITICAL
Network
|
limnoria_project
fedoraproject
|
limnoria
fedora
|
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impa…
|
CWE-94
Code Injection
|
CVE-2019-19010
|
2024-11-21 13:33 |
2019-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223447
|
7.8 |
HIGH
Local
|
symantec
|
endpoint_protection
|
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applic…
|
NVD-CWE-noinfo
|
CVE-2019-18372
|
2024-11-21 13:33 |
2019-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223448
|
5.3 |
MEDIUM
Network
|
mediawiki
|
abusefilter
|
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, t…
|
CWE-200
Information Exposure
|
CVE-2019-18987
|
2024-11-21 13:33 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223449
|
7.5 |
HIGH
Network
|
pimcore
|
pimcore
|
Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2019-18986
|
2024-11-21 13:33 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223450
|
9.8 |
CRITICAL
Network
|
pimcore
|
pimcore
|
Pimcore before 6.2.2 lacks brute force protection for the 2FA token.
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2019-18985
|
2024-11-21 13:33 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
