Export limit exceeded: 42885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42885 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13522 | 1 Ezautomation | 1 Ez Plc Editor | 2024-11-21 | 7.8 High |
| An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior. | ||||
| CVE-2019-13520 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2024-11-21 | 7.8 High |
| Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application. | ||||
| CVE-2019-13518 | 1 Ezautomation | 1 Ez Touch Editor | 2024-11-21 | N/A |
| An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior. | ||||
| CVE-2019-13513 | 1 Deltaww | 1 Delta Industrial Automation Dopsoft | 2024-11-21 | 7.8 High |
| In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application. | ||||
| CVE-2019-13512 | 1 Fujielectric | 1 Frenic Loader | 2024-11-21 | 3.3 Low |
| Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device. | ||||
| CVE-2019-13509 | 1 Docker | 1 Docker | 2024-11-21 | N/A |
| In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret. | ||||
| CVE-2019-13508 | 2 Canonical, Freetds | 2 Ubuntu Linux, Freetds | 2024-11-21 | 9.8 Critical |
| FreeTDS through 1.1.11 has a Buffer Overflow. | ||||
| CVE-2019-13504 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2024-11-21 | 6.5 Medium |
| There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. | ||||
| CVE-2019-13503 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 7.5 High |
| mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read. | ||||
| CVE-2019-13484 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-11-21 | N/A |
| In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c. | ||||
| CVE-2019-13470 | 1 Matrixssl | 1 Matrixssl | 2024-11-21 | N/A |
| MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling. | ||||
| CVE-2019-13452 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-11-21 | N/A |
| In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. | ||||
| CVE-2019-13451 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-11-21 | N/A |
| In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. | ||||
| CVE-2019-13445 | 1 Ros | 1 Ros-comm | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. parseOptions() in tools/rosbag/src/record.cpp has an integer overflow when a crafted split option can be entered on the command line. | ||||
| CVE-2019-13418 | 1 Search-guard | 1 Search Guard | 2024-11-21 | 7.5 High |
| Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized. | ||||
| CVE-2019-13393 | 1 Netgear | 2 Cg3700b, Cg3700b Firmware | 2024-11-21 | 7.5 High |
| The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase. | ||||
| CVE-2019-13391 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. | ||||
| CVE-2019-13331 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8838. | ||||
| CVE-2019-13326 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8864. | ||||
| CVE-2019-13325 | 2 Foxitsoftware, Microsoft | 2 Foxit Studio Photo, Windows | 2024-11-21 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8922. | ||||