|
222951
|
5.3 |
MEDIUM
Network
|
wpgraphql
|
wpgraphql
|
The WPGraphQL WordPress plugin before 0.3.5 doesn't properly restrict access to information about other users' roles on the affected site. Because of this, a remote attacker could forge a GraphQL que…
|
-
|
CVE-2019-25060
|
2024-11-21 13:39 |
2022-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222952
|
7.8 |
HIGH
Local
|
artifex
debian
|
ghostscript
debian_linux
|
Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.
|
NVD-CWE-noinfo
|
CVE-2019-25059
|
2024-11-21 13:39 |
2022-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222953
|
7.8 |
HIGH
Local
|
usbguard_project
fedoraproject
debian
|
usbguard
fedora
debian_linux
|
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.
|
CWE-863
Incorrect Authorization
|
CVE-2019-25058
|
2024-11-21 13:39 |
2022-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222954
|
7.5 |
HIGH
Network
|
r3
|
corda
|
In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer.
|
NVD-CWE-noinfo
|
CVE-2019-25057
|
2024-11-21 13:39 |
2022-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222955
|
5.3 |
MEDIUM
Network
|
bromite
|
bromite
|
In Bromite through 78.0.3904.130, there are adblock rules in the release APK; therefore, probing which resources are blocked and which aren't can identify the application version and defeat the User-…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-25056
|
2024-11-21 13:39 |
2022-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222956
|
7.5 |
HIGH
Network
|
libpulse-binding_project
|
libpulse-binding
|
An issue was discovered in the libpulse-binding crate before 2.6.0 for Rust. It mishandles a panic that crosses a Foreign Function Interface (FFI) boundary.
|
NVD-CWE-noinfo
|
CVE-2019-25055
|
2024-11-21 13:39 |
2021-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222957
|
7.5 |
HIGH
Network
|
pnet_project
|
pnet
|
An issue was discovered in the pnet crate before 0.27.2 for Rust. There is a segmentation fault (upon attempted dereference of an uninitialized descriptor) because of an erroneous IcmpTransportChanne…
|
CWE-909
Missing Initialization of Resource
|
CVE-2019-25054
|
2024-11-21 13:39 |
2021-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222958
|
9.1 |
CRITICAL
Network
|
linaro
|
op-tee
|
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-25052
|
2024-11-21 13:39 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222959
|
7.8 |
HIGH
Local
|
gnu
debian
fedoraproject
|
aspell
debian_linux
fedora
|
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
|
CWE-787
Out-of-bounds Write
|
CVE-2019-25051
|
2024-11-21 13:39 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222960
|
7.8 |
HIGH
Local
|
osgeo
|
gdal
|
netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-25050
|
2024-11-21 13:39 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
