Export limit exceeded: 364868 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364868 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364868 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-14744 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-11-21 | 7.8 High |
| In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. | ||||
| CVE-2019-14743 | 2 Microsoft, Valvesoftware | 2 Windows, Steam Client | 2024-11-21 | N/A |
| In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access. | ||||
| CVE-2019-14737 | 1 Ubisoft | 1 Uplay | 2024-11-21 | 7.8 High |
| Ubisoft Uplay 92.0.0.6280 has Insecure Permissions. | ||||
| CVE-2019-14734 | 2 Adplug Project, Fedoraproject | 2 Adplug, Fedora | 2024-11-21 | 8.8 High |
| AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp. | ||||
| CVE-2019-14733 | 2 Adplug Project, Fedoraproject | 2 Adplug, Fedora | 2024-11-21 | 8.8 High |
| AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp. | ||||
| CVE-2019-14732 | 2 Adplug Project, Fedoraproject | 2 Adplug, Fedora | 2024-11-21 | 8.8 High |
| AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp. | ||||
| CVE-2019-14731 | 1 Cnezsoft | 1 Zentao | 2024-11-21 | N/A |
| An issue was discovered in ZenTao 11.5.1. There is an XSS (stored) vulnerability that leads to the capture of other people's cookies via the Rich Text Box. | ||||
| CVE-2019-14730 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 4.3 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account. | ||||
| CVE-2019-14729 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 4.3 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account. | ||||
| CVE-2019-14728 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 4.3 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account. | ||||
| CVE-2019-14727 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 4.3 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account. | ||||
| CVE-2019-14726 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 5.4 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account. | ||||
| CVE-2019-14725 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 4.3 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account. | ||||
| CVE-2019-14724 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 7.5 High |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account. | ||||
| CVE-2019-14723 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 4.3 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account. | ||||
| CVE-2019-14722 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 4.3 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete an e-mail forwarding destination from a victim's account via an attacker account. | ||||
| CVE-2019-14721 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 6.5 Medium |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account. | ||||
| CVE-2019-14719 | 1 Verifone | 2 Mx900, Mx900 Firmware | 2024-11-21 | 7.8 High |
| Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager. | ||||
| CVE-2019-14718 | 1 Verifone | 2 Mx900, Mx900 Firmware | 2024-11-21 | 6.7 Medium |
| Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation. | ||||
| CVE-2019-14717 | 1 Verifone | 2 Verix Os, Vx520 | 2024-11-21 | 7.8 High |
| Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call. | ||||