|
220211
|
9.8 |
CRITICAL
Network
|
ftpgetter
|
ftpgetter
|
FTPGetter Standard v.5.97.0.177 allows remote code execution when a user initiates an FTP connection to an attacker-controlled machine that sends crafted responses. Long responses can also crash the …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9760
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220212
|
5.5 |
MEDIUM
Local
|
tinycc
|
tinycc
|
An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 1 byte out of bounds write in the end_macro function in tccpp.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9754
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220213
|
5.4 |
MEDIUM
Network
|
otrs
opensuse
|
otrs
leap
backports_sle
|
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload …
|
CWE-79
Cross-site Scripting
|
CVE-2019-9752
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220214
|
4.8 |
MEDIUM
Network
|
otrs
|
otrs
|
An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of …
|
CWE-79
Cross-site Scripting
|
CVE-2019-9751
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220215
|
9.1 |
CRITICAL
Network
|
iotivity
|
iotivity
|
In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-9750
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220216
|
7.5 |
HIGH
Network
|
treasuredata
|
fluent_bit
|
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker (server), it mishandles incoming network messages. After processing a crafted pac…
|
CWE-681
Incorrect Conversion between Numeric Types
|
CVE-2019-9749
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220217
|
9.1 |
CRITICAL
Network
|
tinysvcmdns_project
|
tinysvcmdns
|
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentatio…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9748
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220218
|
7.5 |
HIGH
Network
|
tinysvcmdns_project
|
tinysvcmdns
|
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the functi…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-9747
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220219
|
7.5 |
HIGH
Network
|
webmproject
|
libwebm
|
In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CV…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-9746
|
2024-11-21 13:52 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220220
|
7.5 |
HIGH
Network
|
gdata-software
|
total_security
|
gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "…
|
CWE-862
Missing Authorization
|
CVE-2019-9742
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
