|
224661
|
9.8 |
CRITICAL
Network
|
ffmpeg
debian
canonical
|
ffmpeg
debian_linux
ubuntu_linux
|
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-17539
|
2024-11-21 13:32 |
2019-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224662
|
8.8 |
HIGH
Network
|
centreon
|
centreon
|
Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen). CVE-2019-17501 and CVE-20…
|
CWE-78
OS Command
|
CVE-2019-17501
|
2024-11-21 13:32 |
2019-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224663
|
7.5 |
HIGH
Network
|
jnoj
|
jiangnan_online_judge
|
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring.
|
CWE-22
Path Traversal
|
CVE-2019-17538
|
2024-11-21 13:32 |
2019-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224664
|
7.5 |
HIGH
Network
|
jnoj
|
jiangnan_online_judge
|
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring.
|
CWE-22
Path Traversal
|
CVE-2019-17537
|
2024-11-21 13:32 |
2019-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224665
|
4.9 |
MEDIUM
Network
|
gilacms
|
gila_cms
|
Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/media_upload and fm/move.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-17536
|
2024-11-21 13:32 |
2019-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224666
|
6.1 |
MEDIUM
Network
|
gilacms
|
gila_cms
|
Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647.
|
CWE-79
Cross-site Scripting
|
CVE-2019-17535
|
2024-11-21 13:32 |
2019-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224667
|
8.8 |
HIGH
Network
|
libvips
|
libvips
|
vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.
|
CWE-416
Use After Free
|
CVE-2019-17534
|
2024-11-21 13:32 |
2019-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224668
|
8.2 |
HIGH
Network
|
matio_project
debian
|
matio
debian_linux
|
Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.
|
CWE-125
CWE-908
Out-of-bounds Read
Use of Uninitialized Resource
|
CVE-2019-17533
|
2024-11-21 13:32 |
2019-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224669
|
7.5 |
HIGH
Network
|
belkin
|
wemo_switch_28b_firmware
|
An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleD…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-17532
|
2024-11-21 13:32 |
2019-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224670
|
7.8 |
HIGH
Local
|
axiosys
|
bento4
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Cor…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-17530
|
2024-11-21 13:32 |
2019-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
