Lista CVE - 2019 / Ottobre
Visualizzazione 301 - 400 di 1566 CVE per Ottobre 2019 (Pagina 4 di 16)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2019-17242 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17243 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control... |
| CVE-2019-17244 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control... |
| CVE-2019-17245 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17246 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17247 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control... |
| CVE-2019-17248 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17249 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17250 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17251 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17252 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17253 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17254 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control... |
| CVE-2019-17255 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17256 | 2019-10-08 | IrfanView 4.53 allows a User Mode Write AV starting at... |
| CVE-2019-17257 | 2019-10-08 | IrfanView 4.53 allows a Exception Handler Chain to be Corrupted... |
| CVE-2019-17258 | 2019-10-08 | IrfanView 4.53 allows Data from a Faulting Address to control... |
| CVE-2019-14656 | 2019-10-08 | Yealink phones through 2019-08-04 do not properly check user roles... |
| CVE-2019-14657 | 2019-10-08 | Yealink phones through 2019-08-04 have an issue with OpenVPN file... |
| CVE-2019-16416 | 2019-10-08 | HRworks 3.36.9 allows XSS via the purpose of a travel-expense... |
| CVE-2019-16417 | 2019-10-08 | HRworks FLOW 3.36.9 allows XSS via the purpose of a... |
| CVE-2019-16929 | 2019-10-08 | Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator... |
| CVE-2018-21020 | 2019-10-08 | In very rare cases, a PHP type juggling vulnerability in... |
| CVE-2018-21021 | 2019-10-08 | img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform... |
| CVE-2019-17352 | 2019-10-08 | In JFinal cos before 2019-08-13, as used in JFinal 4.4,... |
| CVE-2018-21022 | 2019-10-08 | makeXML_ListServices.php in Centreon Web before 2.8.28 allows attackers to perform... |
| CVE-2018-21023 | 2019-10-08 | getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to... |
| CVE-2018-21025 | 2019-10-08 | In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become... |
| CVE-2019-17104 | 2019-10-08 | In Centreon VM through 19.04.3, the cookie configuration within the... |
| CVE-2019-17106 | 2019-10-08 | In Centreon Web through 2.8.29, disclosure of external components' passwords... |
| CVE-2019-17107 | 2019-10-08 | minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to... |
| CVE-2019-17108 | 2019-10-08 | Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28... |
| CVE-2019-17271 | 2019-10-08 | vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList... |
| CVE-2019-13336 | 2019-10-08 | The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows... |
| CVE-2019-17359 | 2019-10-08 | The ASN.1 parser in Bouncy Castle Crypto (aka BC Java)... |
| CVE-2018-21024 | 2019-10-08 | licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload... |
| CVE-2019-17187 | 2019-10-08 | /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal... |
| CVE-2019-17105 | 2019-10-08 | The token generator in index.php in Centreon Web before 2.8.27... |
| CVE-2019-17134 | 2019-10-08 | Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0... |
| CVE-2019-17186 | 2019-10-08 | /var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code... |
| CVE-2019-10969 | 2019-10-08 | Moxa EDR 810, all versions 5.1 and prior, allows an... |
| CVE-2019-10963 | 2019-10-08 | Moxa EDR 810, all versions 5.1 and prior, allows an... |
| CVE-2019-14845 | 2019-10-08 | A vulnerability was found in OpenShift builds, versions 4.1 up... |
| CVE-2019-14846 | 2019-10-08 | In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5,... |
| CVE-2019-10215 | 2019-10-08 | Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting... |
| CVE-2019-10756 | 2019-10-08 | It is possible to inject JavaScript within node-red-dashboard versions prior... |
| CVE-2019-10757 | 2019-10-08 | knex.js versions before 0.19.5 are vulnerable to SQL Injection attack.... |
| CVE-2019-0367 | 2019-10-08 | SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and... |
| CVE-2019-0368 | 2019-10-08 | SAP Customer Relationship Management (Email Management), versions: S4CRM before 1.0... |
| CVE-2019-0369 | 2019-10-08 | SAP Financial Consolidation, before versions 10.0 and 10.1, does not... |
| CVE-2019-0370 | 2019-10-08 | Due to missing input validation, SAP Financial Consolidation, before versions... |
| CVE-2019-0374 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before... |
| CVE-2019-0375 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before... |
| CVE-2019-0376 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before... |
| CVE-2019-0377 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before... |
| CVE-2019-0378 | 2019-10-08 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before... |
| CVE-2019-0379 | 2019-10-08 | SAP Process Integration, business-to-business add-on, versions 1.0, 2.0, does not... |
| CVE-2019-0381 | 2019-10-08 | A binary planting in SAP SQL Anywhere, before version 17.0,... |
| CVE-2019-0380 | 2019-10-08 | Under certain conditions, SAP Landscape Management enterprise edition, before version... |
| CVE-2019-3980 | 2019-10-08 | The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart... |
| CVE-2019-17362 | 2019-10-09 | In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does... |
| CVE-2019-17382 | 2019-10-09 | An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4.... |
| CVE-2019-17402 | 2019-10-09 | Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong... |
| CVE-2019-16905 | 2019-10-09 | OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled... |
| CVE-2019-17368 | 2019-10-09 | S-CMS v1.5 has XSS in tpl.php via the member/member_login.php from... |
| CVE-2019-17369 | 2019-10-09 | OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page,... |
| CVE-2019-17370 | 2019-10-09 | OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFile_deal.php blocks... |
| CVE-2019-13051 | 2019-10-09 | Pi-Hole 4.3 allows Command Injection. |
| CVE-2019-15719 | 2019-10-09 | Altair PBS Professional through 19.1.2 allows Privilege Escalation because an... |
| CVE-2019-17353 | 2019-10-09 | An issue discovered on D-Link DIR-615 devices with firmware version... |
| CVE-2019-17354 | 2019-10-09 | wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0... |
| CVE-2019-17372 | 2019-10-09 | Certain NETGEAR devices allow remote attackers to disable all authentication... |
| CVE-2019-17373 | 2019-10-09 | Certain NETGEAR devices allow unauthenticated access to critical .cgi and... |
| CVE-2019-17371 | 2019-10-09 | gif2png 2.5.13 has a memory leak in the writefile function. |
| CVE-2019-11212 | 2019-10-09 | TIBCO MDM Exposes Cross-Site Scripting Vulnerabilities |
| CVE-2018-5732 | 2019-10-09 | A specially constructed response from a malicious server can cause a buffer overflow in dhclient |
| CVE-2018-5743 | 2019-10-09 | Limiting simultaneous TCP clients was ineffective |
| CVE-2018-5744 | 2019-10-09 | A specially crafted packet can cause named to leak memory |
| CVE-2018-5745 | 2019-10-09 | An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys |
| CVE-2019-6465 | 2019-10-09 | Zone transfer controls for writable DLZ zones were not effective |
| CVE-2019-6467 | 2019-10-09 | An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c |
| CVE-2019-6468 | 2019-10-09 | BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used |
| CVE-2019-6469 | 2019-10-09 | BIND Supported Preview Edition can exit with an assertion failure if ECS is in use |
| CVE-2019-6471 | 2019-10-09 | A race condition when discarding malformed packets can cause BIND to exit with an assertion failure |
| CVE-2019-3652 | 2019-10-09 | ENS code injection in EPSetup.exe |
| CVE-2019-3653 | 2019-10-09 | ESConfig Tool access not controlled |
| CVE-2019-17383 | 2019-10-09 | The netaddr gem before 2.0.4 for Ruby has misconfigured file... |
| CVE-2019-11341 | 2019-10-09 | On certain Samsung P(9.0) phones, an attacker with physical access... |
| CVE-2019-4512 | 2019-10-09 | IBM Maximo Asset Management 7.6.1.1 generates an error message that... |
| CVE-2019-4558 | 2019-10-09 | A security vulnerability has been identified in all levels of... |
| CVE-2019-14808 | 2019-10-09 | An issue was discovered in the RENPHO application 3.0.0 for... |
| CVE-2019-15859 | 2019-10-09 | Password disclosure in the web interface on socomec DIRIS A-40... |
| CVE-2019-17128 | 2019-10-09 | Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based... |
| CVE-2019-17375 | 2019-10-09 | cPanel before 82.0.15 allows API token credentials to persist after... |
| CVE-2019-17376 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in the SSL Certificate... |
| CVE-2019-17377 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in LiveAPI example scripts... |
| CVE-2019-17378 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in the SSL Key... |
| CVE-2019-17379 | 2019-10-09 | cPanel before 82.0.15 allows self stored XSS in the WHM... |
| CVE-2019-17380 | 2019-10-09 | cPanel before 82.0.15 allows self XSS in the WHM Update... |
| CVE-2019-15226 | 2019-10-09 | Upon receiving each incoming request header data, Envoy will iterate... |