Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

Multiple cross-site scripting (XSS) vulnerabilities in includes/core/um-actions-login.php in the "Ultimate Member - User Profile & Membership" plugin before 2.0.28 for WordPress allow remote attackers to inject arbitrary web script or HTML via the "Primary button Text" or "Second button text" field.

In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion limit for XML parsing. However, Tika reuses SAXParsers and calls reset() after each parse, which, for Xerces2 parsers, as per the documentation, removes the user-specified SecurityManager and thus removes entity expansion limits after the first parse. Apache Tika versions from 0.1 to 1.19 are therefore still vulnerable to entity expansions which can lead to a denial of service attack. Users should upgrade to 1.19.1 or later.

An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms.

An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend.

An issue was discovered in Joomla! before 3.8.13. Inadequate checks on the tags search fields can lead to an access level violation.

An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution.

An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of an user who can approve admin verifications in the registration process, he can activate himself.

An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project XML files.

An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project files.

VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.

An issue was discovered in libgig 4.1.0. There is an operator new[] failure (due to a big pSampleLoops heap request) in DLS::Sampler::Sampler in DLS.cpp.

An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in RIFF::List::GetListTypeString in RIFF.cpp.

An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-zero error) in DLS::Sample::Sample in DLS.cpp.

An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample() in DLS.cpp.

An issue was discovered in libgig 4.1.0. There is operator new[] failure (due to a big pWavePoolTable heap request) in DLS::File::File in DLS.cpp.

An issue was discovered in libgig 4.1.0. There is a NULL pointer dereference in the function DLS::File::GetFirstSample() in DLS.cpp.

Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote attackers to change the administrator's password.

An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.