| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2019-17446 | 4.6 | An issue was discovered in Eracent EPA Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path. | 2019-12-04 14:47:00 | 2019-11-22 18:15:00 |
| CVE-2019-19197 | 7.2 | IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read primitive. | 2019-12-04 14:29:00 | 2019-11-21 19:15:00 |
| CVE-2014-2904 | 5.0 | wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication. | 2019-12-04 14:16:00 | 2019-11-21 23:15:00 |
| CVE-2014-2902 | 5.0 | wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates. | 2019-12-04 14:16:00 | 2019-11-21 23:15:00 |
| CVE-2014-2901 | 5.0 | wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. | 2019-12-04 14:16:00 | 2019-11-21 23:15:00 |
| CVE-2018-8879 | 7.5 | Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via | 2019-12-04 14:08:00 | 2019-11-21 16:15:00 |
| CVE-2019-19202 | 6.5 | In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request. | 2019-12-04 13:32:00 | 2019-11-21 20:15:00 |
| CVE-2019-6853 | 4.3 | A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the pr | 2019-12-03 21:16:00 | 2019-11-20 22:15:00 |
| CVE-2019-3466 | 7.2 | The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | 2019-12-03 21:15:00 | 2019-11-20 18:15:00 |
| CVE-2011-2726 | 5.0 | An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory | 2019-12-03 19:49:00 | 2019-11-15 17:15:00 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/33997
Zapisa po stranici: