Last 20 Scored Vulnerability IDs & Summaries
CVSS Severity
-
CVE-2018-11684 —
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
Published: June 04, 2018; 02:29:00 AM -04:00
-
CVE-2019-1834 —
A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is con... read CVE-2019-1834
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2019-1835 —
A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanitization of user-supplied input in specific CLI com... read CVE-2019-1835
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2018-17289 —
An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration (.ZIP file) with... read CVE-2018-17289
Published: April 18, 2019; 02:29:00 PM -04:00
-
CVE-2018-17288 —
Kofax Front Office Server version 4.1.1.11.0.5212 (both Thin Client and Administration Console) suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - (Thin Client) or (... read CVE-2018-17288
Published: April 18, 2019; 02:29:00 PM -04:00
-
CVE-2018-20200 —
CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application.
Published: April 18, 2019; 03:29:01 PM -04:00
-
CVE-2019-11331 —
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.
Published: April 18, 2019; 06:29:00 PM -04:00
-
CVE-2018-11577 —
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
Published: May 30, 2018; 08:29:00 PM -04:00
-
CVE-2019-9161 —
WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a Remote Code Execution issue allowing remote attackers to achieve full access to the system, because shell metacharacters in the nginx_webconsole.php Cookie header can be use... read CVE-2019-9161
Published: April 18, 2019; 07:29:00 PM -04:00
-
CVE-2019-1830 —
A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) conditio... read CVE-2019-1830
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2019-1837 —
A vulnerability in the User Data Services (UDS) API of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the management GUI. The vulnerability is due to i... read CVE-2019-1837
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2019-1840 —
A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due... read CVE-2019-1840
Published: April 17, 2019; 10:29:06 PM -04:00
-
CVE-2019-10893 —
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings > "Edit Settings" screen. By changing the email ID to any XS... read CVE-2019-10893
Published: April 18, 2019; 04:29:00 PM -04:00
-
CVE-2018-11685 —
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
Published: June 04, 2018; 02:29:00 AM -04:00
-
CVE-2019-1841 —
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-s... read CVE-2019-1841
Published: April 17, 2019; 10:29:06 PM -04:00
-
CVE-2019-11017 —
On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter.
Published: April 18, 2019; 02:29:00 PM -04:00
-
CVE-2019-11034 —
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.2.8, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
Published: April 18, 2019; 01:29:00 PM -04:00
-
CVE-2019-1831 —
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper... read CVE-2019-1831
Published: April 17, 2019; 10:29:05 PM -04:00
-
CVE-2019-11339 —
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video dat... read CVE-2019-11339
Published: April 18, 2019; 08:29:00 PM -04:00
-
CVE-2019-11338 —
libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted H... read CVE-2019-11338
Published: April 18, 2019; 08:29:00 PM -04:00