Export limit exceeded: 75923 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75923 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15639 | 1 Digium | 1 Asterisk | 2024-11-21 | 7.5 High |
| main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario. | ||||
| CVE-2019-15638 | 1 Copadata | 1 Zenon | 2024-11-21 | 7.8 High |
| COPA-DATA zenone32 zenon Editor through 8.10 has an Uncontrolled Search Path Element. | ||||
| CVE-2019-15637 | 4 Apple, Linux, Microsoft and 1 more | 7 Macos, Linux Kernel, Windows and 4 more | 2024-11-21 | 8.1 High |
| Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop. | ||||
| CVE-2019-15629 | 1 Trendmicro | 1 Password Manager | 2024-11-21 | 7.5 High |
| Trend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is affected by a FLAG_MISUSE vulnerability that could be exploited to allow the application to share information to third-party applications on the device. | ||||
| CVE-2019-15628 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus \+ Security 2020, Internet Security 2020 and 2 more | 2024-11-21 | 7.8 High |
| Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started. | ||||
| CVE-2019-15627 | 2 Microsoft, Trendmicro | 2 Windows, Deep Security | 2024-11-21 | 7.1 High |
| Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected. | ||||
| CVE-2019-15626 | 1 Trendmicro | 1 Deep Security | 2024-11-21 | 7.5 High |
| The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability. | ||||
| CVE-2019-15613 | 2 Nextcloud, Opensuse | 2 Nextcloud Server, Backports | 2024-11-21 | 8.0 High |
| A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes. | ||||
| CVE-2019-15600 | 1 Http Server Project | 1 Http Server | 2024-11-21 | 7.5 High |
| A Path traversal exists in http_server which allows an attacker to read arbitrary system files. | ||||
| CVE-2019-15596 | 1 Statics-server Project | 1 Statics-server | 2024-11-21 | 7.5 High |
| A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory. | ||||
| CVE-2019-15595 | 1 Ui | 1 Unifi Video Controller | 2024-11-21 | 8.8 High |
| A privilege escalation exists in UniFi Video Controller =<3.10.6 that would allow an attacker on the local machine to run arbitrary commands. | ||||
| CVE-2019-15590 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 High |
| An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration | ||||
| CVE-2019-15589 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 8.8 High |
| An improper access control vulnerability exists in Gitlab <v12.3.2, <v12.2.6, <v12.1.12 which would allow a blocked user would be able to use GIT clone and pull if he had obtained a CI/CD token before. | ||||
| CVE-2019-15588 | 1 Sonatype | 1 Nexus Repository Manager | 2024-11-21 | 7.2 High |
| There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability. | ||||
| CVE-2019-15583 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 High |
| An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API. | ||||
| CVE-2019-15576 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint. | ||||
| CVE-2019-15575 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 High |
| A command injection exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to inject commands via the API through the blobs scope. | ||||
| CVE-2019-15550 | 1 Simdjson Project | 1 Simdjson | 2024-11-21 | 7.5 High |
| An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary. | ||||
| CVE-2019-15544 | 2 Apache, Rust-protobuf Project | 2 Hbase, Rust-protobuf | 2024-11-21 | 7.5 High |
| An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls. | ||||
| CVE-2019-15538 | 7 Canonical, Debian, Fedoraproject and 4 more | 29 Ubuntu Linux, Debian Linux, Fedora and 26 more | 2024-11-21 | 7.5 High |
| An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS. | ||||