Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-18588 |
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users' sessions. Published: January 10, 2020; 2:15:11 PM -0500 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2011-5020 |
An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011. Published: January 10, 2020; 2:15:11 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-19819 |
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content. Published: January 10, 2020; 1:15:12 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-19817 |
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content. Published: January 10, 2020; 1:15:12 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-18194 |
TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder. Published: January 10, 2020; 1:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.9 MEDIUM |
CVE-2019-14306 |
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2). Published: January 10, 2020; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-14304 |
Ricoh SP C250DN 1.06 devices allow CSRF. Published: January 10, 2020; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-14302 |
On Ricoh SP C250DN 1.06 devices, a debug port can be used. Published: January 10, 2020; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0: 7.2 HIGH |
CVE-2019-14301 |
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2). Published: January 10, 2020; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-6162 |
An issue was discovered in Bftpd 5.3. Under certain circumstances, an out-of-bounds read is triggered due to an uninitialized value. The daemon crashes at startup in the hidegroups_init function in dirlist.c. Published: January 10, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 9.1 CRITICAL V2.0: 5.8 MEDIUM |
CVE-2019-19820 |
An invalid pointer vulnerability in IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402405 using METHOD_NEITHER results in a read primitive. Published: January 10, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2012-4030 |
Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files. Published: January 10, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 6.4 MEDIUM |
CVE-2012-3824 |
In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization. Published: January 10, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-3823 |
Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved. Published: January 10, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-3822 |
Arial Campaign Enterprise before 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote attackers to enumerate users' credentials. Published: January 10, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-4559 |
IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 166355. Published: January 10, 2020; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-4508 |
IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker. IBM X-Force ID: 164429. Published: January 10, 2020; 11:15:10 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 2.1 LOW |
CVE-2020-1767 |
Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent. This issue affects: ((OTRS)) Community Edition 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions. Published: January 10, 2020; 10:15:12 AM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 3.5 LOW |
CVE-2020-1766 |
Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions. Published: January 10, 2020; 10:15:12 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-1765 |
An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions. Published: January 10, 2020; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |