Search Results (85274 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10167 | 1 Redhat | 10 Advanced Virtualization, Enterprise Linux, Enterprise Linux Desktop and 7 more | 2024-11-21 | 7.8 High |
| The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. | ||||
| CVE-2019-10166 | 1 Redhat | 10 Advanced Virtualization, Enterprise Linux, Enterprise Linux Desktop and 7 more | 2024-11-21 | 7.8 High |
| It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. | ||||
| CVE-2019-10164 | 4 Fedoraproject, Opensuse, Postgresql and 1 more | 7 Fedora, Leap, Postgresql and 4 more | 2024-11-21 | 8.8 High |
| PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account. | ||||
| CVE-2019-10162 | 2 Opensuse, Powerdns | 2 Leap, Authoritative | 2024-11-21 | 7.5 High |
| A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify. | ||||
| CVE-2019-10161 | 2 Canonical, Redhat | 6 Ubuntu Linux, Advanced Virtualization, Enterprise Linux and 3 more | 2024-11-21 | 7.8 High |
| It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. | ||||
| CVE-2019-10154 | 1 Moodle | 1 Moodle | 2024-11-21 | 7.5 High |
| A flaw was found in Moodle before versions 3.7, 3.6.4. A web service fetching messages was not restricted to the current user's conversations. | ||||
| CVE-2019-10152 | 3 Libpod Project, Opensuse, Redhat | 3 Libpod, Leap, Rhel Extras Other | 2024-11-21 | 7.2 High |
| A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container. | ||||
| CVE-2019-10147 | 1 Redhat | 1 Rkt | 2024-11-21 | 7.7 High |
| rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` are not limited by cgroups during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources. | ||||
| CVE-2019-10145 | 1 Redhat | 1 Rkt | 2024-11-21 | 7.7 High |
| rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` do not have seccomp filtering during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources. | ||||
| CVE-2019-10144 | 1 Redhat | 1 Rkt | 2024-11-21 | 7.7 High |
| rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` are given all capabilities during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources. | ||||
| CVE-2019-10143 | 3 Fedoraproject, Freeradius, Redhat | 3 Fedora, Freeradius, Enterprise Linux | 2024-11-21 | 7.0 High |
| It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. NOTE: the upstream software maintainer has stated "there is simply no way for anyone to gain privileges through this alleged issue." | ||||
| CVE-2019-10139 | 2 Ovirt, Redhat | 2 Cockpit-ovirt, Enterprise Linux | 2024-11-21 | 7.8 High |
| During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var` which contains the admin and the appliance passwords as plain-text. At the end of the deployment procedure, these files are deleted. | ||||
| CVE-2019-10138 | 2 Python, Redhat | 2 Novajoin, Openstack | 2024-11-21 | 8.8 High |
| A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens. | ||||
| CVE-2019-10135 | 1 Osbs-client Project | 1 Osbs-client | 2024-11-21 | 7.2 High |
| A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 before 0.56.1. Insecure use of the yaml.load() function allowed the user to load any suspicious object for code execution via the parsing of malicious YAML files. | ||||
| CVE-2019-10131 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-11-21 | 7.1 High |
| An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. | ||||
| CVE-2019-10128 | 2 Microsoft, Postgresql | 2 Windows, Postgresql | 2024-11-21 | 7.8 High |
| A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. | ||||
| CVE-2019-10127 | 2 Microsoft, Postgresql | 2 Windows, Postgresql | 2024-11-21 | 8.8 High |
| A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. An attacker having only the unprivileged Windows account can read arbitrary data directory files, essentially bypassing database-imposed read access limitations. An attacker having only the unprivileged Windows account can also delete certain data directory files. | ||||
| CVE-2019-10101 | 1 Jetbrains | 1 Kotlin | 2024-11-21 | 8.1 High |
| JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. | ||||
| CVE-2019-10099 | 1 Apache | 1 Spark | 2024-11-21 | 7.5 High |
| Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk (controlled by spark.maxRemoteBlockSizeFetchToMem); in SparkR, using parallelize; in Pyspark, using broadcast and parallelize; and use of python udfs. | ||||
| CVE-2019-10097 | 3 Apache, Oracle, Redhat | 11 Http Server, Communications Element Manager, Communications Session Report Manager and 8 more | 2024-11-21 | 7.2 High |
| In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer dereference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients. | ||||