Total
232 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-3232 | 1 Cisco | 2 Asr 920-12sz-im, Ios Xe | 2024-11-21 | 7.7 High |
| A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. | ||||
| CVE-2020-1651 | 1 Juniper | 16 Junos, Mx10, Mx10000 and 13 more | 2024-11-21 | 6.5 Medium |
| On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker connected to the same broadcast domain can repeatedly crash the PFE, causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks Junos OS on MX Series: 17.2 versions prior to 17.2R3-S4; 17.2X75 versions prior to 17.2X75-D105.19; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R1-S3, 17.4R2; 18.1 versions prior to 18.1R2. This issue does not affect Juniper Networks Junos OS releases prior to 17.2R1. | ||||
| CVE-2019-9870 | 1 Oembed Project | 1 Oembed | 2024-11-21 | N/A |
| plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements. | ||||
| CVE-2019-9673 | 1 Freenetproject | 1 Freenet | 2024-11-21 | N/A |
| Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. | ||||
| CVE-2019-9573 | 1 Mishubd | 1 Wp Human Resource Management | 2024-11-21 | N/A |
| The WP Human Resource Management plugin before 2.2.6 for WordPress mishandles leave applications. | ||||
| CVE-2019-9563 | 1 Bluemind | 1 Bluemind | 2024-11-21 | N/A |
| In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the contact application mishandles temporary uploads. | ||||
| CVE-2019-6440 | 1 Zemana | 1 Antimalware | 2024-11-21 | N/A |
| Zemana AntiMalware before 3.0.658 Beta mishandles update logic. | ||||
| CVE-2019-4236 | 2 Hp, Ibm | 2 Hp-ux, Spectrum Protect | 2024-11-21 | 4.4 Medium |
| A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow a local attacker to restore or retrieve the object with incorrect ACL entries. IBM X-Force ID: 159418. | ||||
| CVE-2019-3554 | 1 Facebook | 1 Wangle | 2024-11-21 | N/A |
| Wangle's AcceptRoutingHandler incorrectly casts a socket when accepting a TLS 1.3 connection, leading to a potential denial of service attack against systems accepting such connections. This affects versions of Wangle prior to v2019.01.14.00 | ||||
| CVE-2019-1083 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2024-11-21 | N/A |
| A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. | ||||
| CVE-2019-14794 | 1 Metabox | 1 Meta Box | 2024-11-21 | N/A |
| The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. | ||||
| CVE-2019-13917 | 2 Debian, Exim | 2 Debian Linux, Exim | 2024-11-21 | N/A |
| Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). | ||||
| CVE-2019-13624 | 1 Onosproject | 1 Onos | 2024-11-21 | N/A |
| In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command. | ||||
| CVE-2019-12828 | 1 Ea | 1 Origin | 2024-11-21 | N/A |
| An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share. | ||||
| CVE-2019-11070 | 3 Redhat, Webkitgtk, Wpewebkit | 3 Enterprise Linux, Webkitgtk, Wpe Webkit | 2024-11-21 | N/A |
| WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. | ||||
| CVE-2019-10477 | 2 Fusioninventory, Glpi-project | 2 Fusioninventory, Glpi | 2024-11-21 | N/A |
| The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions. | ||||
| CVE-2019-0982 | 1 Microsoft | 1 Asp.net Core | 2024-11-21 | N/A |
| A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | ||||
| CVE-2019-0981 | 2 Microsoft, Redhat | 12 .net Core, .net Framework, Windows 10 and 9 more | 2024-11-21 | N/A |
| A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980. | ||||
| CVE-2019-0980 | 2 Microsoft, Redhat | 12 .net Core, .net Framework, Windows 10 and 9 more | 2024-11-21 | N/A |
| A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981. | ||||
| CVE-2019-0947 | 1 Microsoft | 1 Office | 2024-11-21 | N/A |
| A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0945, CVE-2019-0946. | ||||