|
219751
|
6.5 |
MEDIUM
Network
|
foxitsoftware
|
3d
|
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Integer Overflow and crash during the handling of certain PDF fi…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-6983
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219752
|
5.5 |
MEDIUM
Local
|
foxitsoftware
|
3d
|
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Write and crash during the handling of certain PDF…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6982
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219753
|
6.1 |
MEDIUM
Network
|
ip_history_logs_project
|
ip_history_logs
|
An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6979
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219754
|
9.8 |
CRITICAL
Network
|
libgd
debian
canonical
|
libgd
debian_linux
ubuntu_linux
|
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
|
CWE-415
Double Free
|
CVE-2019-6978
|
2024-11-21 13:47 |
2019-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219755
|
8.8 |
HIGH
Network
|
libgd
php
debian
canonical
netapp
|
libgd
php
debian_linux
ubuntu_linux
storage_automation_store
|
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x bef…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6977
|
2024-11-21 13:47 |
2019-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219756
|
5.3 |
MEDIUM
Network
|
libvips
|
libvips
|
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can resul…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-6976
|
2024-11-21 13:47 |
2019-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219757
|
5.9 |
MEDIUM
Network
|
phpmyadmin
debian
|
phpmyadmin
debian_linux
|
An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the serv…
|
NVD-CWE-noinfo
|
CVE-2019-6799
|
2024-11-21 13:47 |
2019-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219758
|
9.8 |
CRITICAL
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.
|
CWE-89
SQL Injection
|
CVE-2019-6798
|
2024-11-21 13:47 |
2019-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219759
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation related to AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-6966
|
2024-11-21 13:47 |
2019-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219760
|
7.1 |
HIGH
Local
|
audiocoding
debian
|
freeware_advanced_audio_decoder_2
debian_linux
|
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6956
|
2024-11-21 13:47 |
2019-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
