Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-17244 |
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a. Published: October 08, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-17243 |
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155. Published: October 08, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-17242 |
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f. Published: October 08, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2019-17241 |
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563. Published: October 08, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2019-17349 |
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation. Published: October 07, 2019; 9:15:11 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-17348 |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service because of an incompatibility between Process Context Identifiers (PCID) and shadow-pagetable switching. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-17347 |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels). Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2019-17346 |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers (PCID) and TLB flushes. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-17345 |
An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV guest OS users to cause a denial of service because mishandling of failed IOMMU operations causes a bug check during the cleanup of a crashed guest. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-17344 |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-17343 |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-17342 |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0: 4.4 MEDIUM |
CVE-2019-17341 |
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.9 MEDIUM |
CVE-2019-17340 |
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled. Published: October 07, 2019; 9:15:10 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.1 MEDIUM |
CVE-2019-17351 |
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7. Published: October 07, 2019; 8:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-17350 |
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation. Published: October 07, 2019; 8:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-17233 |
Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection. Published: October 07, 2019; 7:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-17232 |
Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. Published: October 07, 2019; 7:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-17239 |
includes/settings/class-alg-download-plugins-settings.php in the download-plugins-dashboard plugin through 1.5.0 for WordPress has multiple unauthenticated stored XSS issues. Published: October 07, 2019; 6:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-16913 |
PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86)%\PCProtect with very weak folder permissions, granting any user full permission "Everyone: (F)" to the contents of the directory and its subfolders. In addition, the program installs a service called SecurityService that runs as LocalSystem. This allows any user to escalate privileges to "NT AUTHORITY\SYSTEM" by substituting the service's binary with a Trojan horse. Published: October 07, 2019; 6:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |