National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 127,498 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-19807

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.

Published: December 15, 2019; 06:15:11 PM -05:00
(not available)
CVE-2014-8650

python-requests-Kerberos through 0.5 does not handle mutual authentication

Published: December 15, 2019; 05:15:12 PM -05:00
(not available)
CVE-2014-8561

imagemagick 6.8.9.6 has remote DOS via infinite loop

Published: December 15, 2019; 05:15:11 PM -05:00
(not available)
CVE-2014-4913

ZF2014-03 has a potential cross site scripting vector in multiple view helpers

Published: December 15, 2019; 05:15:11 PM -05:00
(not available)
CVE-2014-3701

eDeploy has tmp file race condition flaws

Published: December 15, 2019; 05:15:11 PM -05:00
(not available)
CVE-2014-3699

eDeploy has RCE via cPickle deserialization of untrusted data

Published: December 15, 2019; 05:15:11 PM -05:00
(not available)
CVE-2014-3652

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.

Published: December 15, 2019; 05:15:11 PM -05:00
(not available)
CVE-2014-3643

jersey: XXE via parameter entities not disabled by the jersey SAX parser

Published: December 15, 2019; 05:15:11 PM -05:00
(not available)
CVE-2014-3536

CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration

Published: December 15, 2019; 05:15:11 PM -05:00
(not available)
CVE-2019-19797

read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.

Published: December 15, 2019; 03:15:11 PM -05:00
(not available)
CVE-2019-5252

There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.

Published: December 13, 2019; 07:15:11 PM -05:00
(not available)
CVE-2019-5235

Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.

Published: December 13, 2019; 07:15:10 PM -05:00
(not available)
CVE-2019-5277

Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.

Published: December 13, 2019; 06:15:12 PM -05:00
(not available)
CVE-2019-5264

There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure.

Published: December 13, 2019; 06:15:12 PM -05:00
(not available)
CVE-2019-5258

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.

Published: December 13, 2019; 06:15:11 PM -05:00
(not available)
CVE-2019-5257

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network.

Published: December 13, 2019; 06:15:11 PM -05:00
(not available)
CVE-2019-5256

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot.

Published: December 13, 2019; 06:15:11 PM -05:00
(not available)
CVE-2019-5255

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service.

Published: December 13, 2019; 06:15:11 PM -05:00
(not available)
CVE-2019-5254

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.

Published: December 13, 2019; 06:15:11 PM -05:00
(not available)
CVE-2019-5278

There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash.

Published: December 13, 2019; 05:15:11 PM -05:00
(not available)