Svi - CERT CVE

ID CVSS Sažetak Zadnje ažurirano Objavljeno
CVE-2023-27601 7.5 OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops module. This issue ca 2023-11-07 04:10:00
CVE-2023-27600 7.5 OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops module. This issue ca 2023-11-07 04:10:00
CVE-2023-27781 7.8 jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c. 2023-11-07 04:10:00
CVE-2023-28371 9.8 In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal. 2023-11-07 04:10:00
CVE-2023-27583 9.8 PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key `PanIndex` is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3. 2023-11-07 04:10:00
CVE-2023-27577 4.9 flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the `LESS` parser which can be exploited to read sensitive files on 2023-11-07 04:10:00
CVE-2023-26155 9.8 All versions of the package node-qpdf are vulnerable to Command Injection such that the package-exported method encrypt() fails to sanitize its parameter input, which later flows into a sensitive command execution API. As a result, attackers may inje 2023-11-07 04:09:00
CVE-2023-25607 7.8 An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7. 2023-11-07 04:09:00
CVE-2023-25604 5.5 An insertion of sensitive information into log file vulnerability in Fortinet FortiGuest 1.0.0 allows a local attacker to access plaintext passwords in the RADIUS logs. 2023-11-07 04:09:00
CVE-2023-26153 9.8 Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value. **Note:** An attacker 2023-11-07 04:09:00
ID CVSS Sažetak Zadnje ažurirano Objavljeno
CVE-2018-4451 9.3 This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. 2020-10-30 02:01:00
CVE-2019-8712 10.0 A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. 2021-07-21 11:39:00
CVE-2019-8709 9.3 A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl 2021-07-21 11:39:00
CVE-2019-8824 9.3 A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges 2021-07-21 11:39:00
CVE-2018-4452 9.3 A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se 2020-10-30 02:00:00
CVE-2019-8716 10.0 A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. 2021-07-21 11:39:00
CVE-2019-8836 9.3 A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. 2021-07-21 11:39:00
CVE-2019-8740 9.3 A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. 2021-07-21 11:39:00
CVE-2020-27976 10.0 osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. 2020-10-29 23:35:00
CVE-2019-8539 9.3 A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co 2020-10-30 15:13:00
Stranica
/36374
Zapisa po stranici: