|
221821
|
6.5 |
MEDIUM
Network
|
gnu
|
recutils
|
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.
|
CWE-415
Double Free
|
CVE-2019-6455
|
2024-11-21 13:46 |
2019-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221822
|
8.1 |
HIGH
Adjacent
|
estrongs
|
es_file_explorer_file_manager
|
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi netw…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-6447
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221823
|
6.1 |
MEDIUM
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in mod_banners leads to a stored XSS vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6264
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221824
|
4.8 |
MEDIUM
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6263
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221825
|
5.4 |
MEDIUM
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6262
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221826
|
6.1 |
MEDIUM
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in com_contact leads to a stored XSS vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6261
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221827
|
9.8 |
CRITICAL
Network
|
numpy
fedoraproject
|
numpy
fedora
|
An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrate…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-6446
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221828
|
6.5 |
MEDIUM
Network
|
ntpsec
|
ntpsec
|
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-6445
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221829
|
9.1 |
CRITICAL
Network
|
ntpsec
|
ntpsec
|
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6444
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221830
|
9.1 |
CRITICAL
Network
|
ntpsec
|
ntpsec
|
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6443
|
2024-11-21 13:46 |
2019-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
