|
218811
|
9.1 |
CRITICAL
Network
|
ntpsec
|
ntpsec
|
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6443
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218812
|
6.5 |
MEDIUM
Network
|
ntpsec
|
ntpsec
|
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6442
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218813
|
9.8 |
CRITICAL
Network
|
zemana
|
antimalware
|
Zemana AntiMalware before 3.0.658 Beta mishandles update logic.
|
CWE-19
Data Processing Errors
|
CVE-2019-6440
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218814
|
9.8 |
CRITICAL
Network
|
wolfssl
|
wolfssl
|
examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6439
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218815
|
9.8 |
CRITICAL
Network
|
skymoonlabs
|
cleanto
|
Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.
|
CWE-89
SQL Injection
|
CVE-2019-6296
|
2024-11-21 13:46 |
2019-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218816
|
9.8 |
CRITICAL
Network
|
skymoonlabs
|
cleanto
|
Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.php service_id parameter.
|
CWE-89
SQL Injection
|
CVE-2019-6295
|
2024-11-21 13:46 |
2019-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218817
|
8.8 |
HIGH
Network
|
easycms
|
easycms
|
An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI.
|
CWE-352
Origin Validation Error
|
CVE-2019-6294
|
2024-11-21 13:46 |
2019-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218818
|
8.8 |
HIGH
Network
|
dedecms
|
dedecms
|
uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variat…
|
CWE-178
CWE-706
Improper Handling of Case Sensitivity
Use of Incorrectly-Resolved Name or Reference
|
CVE-2019-6289
|
2024-11-21 13:46 |
2019-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218819
|
5.5 |
MEDIUM
Local
|
westes
|
flex
|
An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to …
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-6293
|
2024-11-21 13:46 |
2019-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218820
|
6.5 |
MEDIUM
Network
|
yaml-cpp_project
|
yaml-cpp
|
An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stac…
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-6292
|
2024-11-21 13:46 |
2019-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
