|
224111
|
9.8 |
CRITICAL
Network
|
nibbleblog
|
nibbleblog
|
Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request.
|
CWE-94
Code Injection
|
CVE-2019-7719
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224112
|
8.1 |
HIGH
Network
|
metinfo
|
metinfo
|
An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogets…
|
CWE-362
Race Condition
|
CVE-2019-7718
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224113
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-7704
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224114
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service via a …
|
CWE-416
Use After Free
|
CVE-2019-7703
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224115
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to de…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-7702
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224116
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A heap-based buffer over-read was discovered in wasm::SExpressionParser::skipWhitespace() in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to den…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7701
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224117
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-se…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7700
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224118
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-7699
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224119
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-7698
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224120
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42h…
|
CWE-617
Reachable Assertion
|
CVE-2019-7697
|
2024-11-21 13:48 |
2019-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
