National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • CVSS Version: 3
  • CVSS V3 Severity: Critical (9-10)
  • CVSS V3 Metrics: AV:N
There are 6,041 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-8341

An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI.

Published: February 15, 2019; 02:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-6545

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server machine.

Published: February 12, 2019; 08:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2019-6543

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromise of the machine.

Published: February 12, 2019; 08:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2018-19645

An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

Published: February 12, 2019; 03:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7743

An issue was discovered in Joomla! before 3.9.3. The phar:// stream wrapper can be used for objection injection attacks because there is no protection mechanism (such as the TYPO3 PHAR stream wrapper) to prevent use of the phar:// handler for non .phar-files.

Published: February 12, 2019; 01:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-6533

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).

Published: February 12, 2019; 12:29:00 PM -05:00
V3: 9.1 CRITICAL
V2: 6.4 MEDIUM
CVE-2018-20781

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

Published: February 12, 2019; 12:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 5.0 MEDIUM
CVE-2018-9583

In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-112860487.

Published: February 11, 2019; 06:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2019-7747

DbNinja 3.2.7 allows session fixation via the data.php sessid parameter.

Published: February 11, 2019; 04:29:00 PM -05:00
V3: 9.6 CRITICAL
V2: 6.8 MEDIUM
CVE-2019-7736

D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page.

Published: February 11, 2019; 12:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7731

MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file.

Published: February 11, 2019; 12:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7720

taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.

Published: February 10, 2019; 11:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7719

Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request.

Published: February 10, 2019; 11:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-20779

Traq 3.7.1 allows SQL Injection via a tickets?search= URI.

Published: February 10, 2019; 09:29:01 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-20771

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.

Published: February 10, 2019; 12:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-20770

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.

Published: February 10, 2019; 12:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-20768

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file.

Published: February 10, 2019; 12:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7692

install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs function that creates a .php file in the public folder.

Published: February 10, 2019; 11:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-13792

Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.

Published: February 09, 2019; 09:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7678

A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888.

Published: February 09, 2019; 05:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH