National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 129,600 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2019-20397

A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.

Published: January 22, 2020; 05:15:10 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-20396

A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.

Published: January 22, 2020; 05:15:10 PM -05:00
V3.1: 6.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-20395

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

Published: January 22, 2020; 05:15:10 PM -05:00
V3.1: 6.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-20394

A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.

Published: January 22, 2020; 05:15:10 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-20393

A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.

Published: January 22, 2020; 05:15:10 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-20392

An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash.

Published: January 22, 2020; 05:15:10 PM -05:00
V3.1: 6.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-20391

An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash.

Published: January 22, 2020; 05:15:10 PM -05:00
V3.1: 6.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-19842

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.

Published: January 22, 2020; 04:15:10 PM -05:00
(not available)
CVE-2019-19841

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.

Published: January 22, 2020; 04:15:10 PM -05:00
(not available)
CVE-2019-19840

A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.

Published: January 22, 2020; 04:15:10 PM -05:00
(not available)
CVE-2011-3622

A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18.

Published: January 22, 2020; 03:15:11 PM -05:00
(not available)
CVE-2020-5221

In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in compose_abspath(). This has been fixed in version 2.11

Published: January 22, 2020; 02:15:13 PM -05:00
(not available)
CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache.

Published: January 22, 2020; 02:15:12 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-19836

AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename.

Published: January 22, 2020; 02:15:12 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-19834

Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter.

Published: January 22, 2020; 02:15:12 PM -05:00
V3.1: 7.2 HIGH
    V2: 6.5 MEDIUM
CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.

Published: January 22, 2020; 02:15:11 PM -05:00
(not available)
CVE-2016-4761

WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS

Published: January 22, 2020; 02:15:10 PM -05:00
(not available)
CVE-2012-4919

Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability

Published: January 22, 2020; 02:15:10 PM -05:00
(not available)
CVE-2019-5647

The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser sessions active after recording a macro, even after a restart of the Chrome browser. This behavior could make future session hijacking attempts easier, since the user could believe a session was closed when it was not. This issue affects Rapid7 AppSpider version 3.8.213 and prior versions, and is fixed in version 3.8.215.

Published: January 22, 2020; 01:15:12 PM -05:00
(not available)
CVE-2011-3621

A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled.

Published: January 22, 2020; 01:15:11 PM -05:00
(not available)