|
219731
|
4.8 |
MEDIUM
Network
|
croogo
|
croogo
|
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7169
|
2024-11-21 13:47 |
2019-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219732
|
4.8 |
MEDIUM
Network
|
croogo
|
croogo
|
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7168
|
2024-11-21 13:47 |
2019-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219733
|
9.8 |
CRITICAL
Network
|
idreamsoft
|
icms
|
idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.p…
|
CWE-22
Path Traversal
|
CVE-2019-7160
|
2024-11-21 13:47 |
2019-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219734
|
6.5 |
MEDIUM
Network
|
libdoc_project
|
libdoc
|
In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.
|
CWE-369
Divide By Zero
|
CVE-2019-7156
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219735
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst() in emscripten-optimizer…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-7154
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219736
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A cr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-7153
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219737
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7152
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219738
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demo…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-7151
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219739
|
6.5 |
MEDIUM
Network
|
elfutils_project
debian
|
elfutils
debian_linux
|
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-servi…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7149
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219740
|
5.5 |
MEDIUM
Local
|
nasm
|
netwide_assembler
|
A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16. A crafted asm input can cause segmentation faults, leading to denial-of-service.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7147
|
2024-11-21 13:47 |
2019-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
