Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-20863 |
cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452). Published: July 30, 2019; 11:15:10 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-20862 |
cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). Published: July 30, 2019; 11:15:10 AM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 2.1 LOW |
CVE-2019-4456 |
IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 163620. Published: July 30, 2019; 10:15:15 AM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0: 5.5 MEDIUM |
CVE-2019-4285 |
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions or launch other client-side browser attacks. IBM X-Force ID: 160513. Published: July 30, 2019; 10:15:15 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-4062 |
IBM i2 Intelligent Analyis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 157007. Published: July 30, 2019; 10:15:15 AM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0: 5.5 MEDIUM |
CVE-2019-14392 |
cPanel before 80.0.22 allows remote code execution by a demo account because of incorrect URI dispatching (SEC-501). Published: July 30, 2019; 10:15:15 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2019-11775 |
All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues but read out of array bounds is one major consequence of these problems. Published: July 30, 2019; 10:15:14 AM -0400 |
V4.0:(not available) V3.1: 7.4 HIGH V2.0: 5.8 MEDIUM |
CVE-2018-20867 |
cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462). Published: July 30, 2019; 10:15:14 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 5.8 MEDIUM |
CVE-2019-14444 |
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-14443 |
An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-14442 |
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file. Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 7.1 HIGH |
CVE-2019-14441 |
An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float in avcodec/mpegaudiodsp_template.c. NOTE: This may be a duplicate of CVE-2018-19129 Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-14391 |
cPanel before 82.0.2 does not properly enforce Reseller package creation ACLs (SEC-514). Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.0: 3.3 LOW V2.0: 2.1 LOW |
CVE-2019-14390 |
cPanel before 82.0.2 has stored XSS in the WHM Modify Account interface (SEC-512). Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-14389 |
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510). Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 2.1 LOW |
CVE-2019-14388 |
cPanel before 82.0.2 allows unauthenticated file creation because Exim log parsing is mishandled (SEC-507). Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-14387 |
cPanel before 82.0.2 has Self XSS in the cPanel and webmail master templates (SEC-506). Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-14386 |
cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interface (SEC-504). Published: July 30, 2019; 9:15:18 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-14381 |
libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot. Published: July 30, 2019; 9:15:17 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-14327 |
A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows attackers to change the plugin settings. Published: July 30, 2019; 9:15:17 AM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |