|
223861
|
5.5 |
MEDIUM
Local
|
opensc_project
debian
fedoraproject
|
opensc
debian_linux
fedora
|
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-19479
|
2024-11-21 13:34 |
2019-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223862
|
8.8 |
HIGH
Network
|
zmanda
|
amanda
|
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak defau…
|
CWE-352
CWE-78
Origin Validation Error
OS Command
|
CVE-2019-19469
|
2024-11-21 13:34 |
2019-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223863
|
4.9 |
MEDIUM
Network
|
proftpd
fedoraproject
debian
|
proftpd
fedora
debian_linux
|
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encounter…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-19269
|
2024-11-21 13:34 |
2019-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223864
|
7.8 |
HIGH
Local
|
10-strike
|
free_photo_viewer
|
Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corr…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-19468
|
2024-11-21 13:34 |
2019-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223865
|
5.3 |
MEDIUM
Network
|
cbc
|
gem
|
The CBC Gem application before 9.24.1 for Android and before 9.26.0 for iOS has Unencrypted Analytics.
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2019-19464
|
2024-11-21 13:34 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223866
|
5.3 |
MEDIUM
Network
|
huami
|
mi_fit
|
The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-19463
|
2024-11-21 13:34 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223867
|
5.5 |
MEDIUM
Local
|
linux
netapp
canonical
opensuse
debian
|
linux_kernel
active_iq_unified_manager
solidfire
hci_management_node
hci_storage_node
hci_compute_node
ubuntu_linux
leap
debian_linux
|
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-19462
|
2024-11-21 13:34 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223868
|
5.5 |
MEDIUM
Local
|
gnome
fedoraproject
opensuse
|
dia
fedora
leap
|
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-19451
|
2024-11-21 13:34 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223869
|
7.5 |
HIGH
Network
|
omniosce
|
omnios
|
illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet…
|
CWE-20
Improper Input Validation
|
CVE-2019-19396
|
2024-11-21 13:34 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223870
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-19378
|
2024-11-21 13:34 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
