Export limit exceeded: 331894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 331894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 74479 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74479 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-12430 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 8.8 High |
| An issue was discovered in GitLab Community and Enterprise Edition 11.11. A specially crafted payload would allow an authenticated malicious user to execute commands remotely through the repository download feature. It allows Command Injection. | ||||
| CVE-2019-12425 | 1 Apache | 1 Ofbiz | 2024-11-21 | 7.5 High |
| Apache OFBiz 17.12.01 is vulnerable to Host header injection by accepting arbitrary host | ||||
| CVE-2019-12423 | 3 Apache, Oracle, Redhat | 14 Cxf, Commerce Guided Search, Communications Diameter Signaling Router and 11 more | 2024-11-21 | 7.5 High |
| Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all. | ||||
| CVE-2019-12422 | 2 Apache, Redhat | 2 Shiro, Jboss Fuse | 2024-11-21 | 7.5 High |
| Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack. | ||||
| CVE-2019-12421 | 1 Apache | 1 Nifi | 2024-11-21 | 8.8 High |
| When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours after logging out to make API requests to NiFi. | ||||
| CVE-2019-12420 | 3 Apache, Debian, Redhat | 3 Spamassassin, Debian Linux, Enterprise Linux | 2024-11-21 | 7.5 High |
| In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly. | ||||
| CVE-2019-12418 | 7 Apache, Canonical, Debian and 4 more | 7 Tomcat, Ubuntu Linux, Debian Linux and 4 more | 2024-11-21 | 7.0 High |
| When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. | ||||
| CVE-2019-12412 | 1 Apache | 1 Libapreq2 | 2024-11-21 | 7.5 High |
| A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. | ||||
| CVE-2019-12410 | 1 Apache | 1 Arrow | 2024-11-21 | 7.5 High |
| While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats. | ||||
| CVE-2019-12408 | 1 Apache | 1 Arrow | 2024-11-21 | 7.5 High |
| It was discovered that the C++ implementation (which underlies the R, Python and Ruby implementations) of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow Arrays are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats. | ||||
| CVE-2019-12402 | 4 Apache, Fedoraproject, Oracle and 1 more | 20 Commons Compress, Fedora, Banking Payments and 17 more | 2024-11-21 | 7.5 High |
| The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress. | ||||
| CVE-2019-12401 | 1 Apache | 1 Solr | 2024-11-21 | 7.5 High |
| Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via it’s update handler.?By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML causing OOMs. | ||||
| CVE-2019-12399 | 3 Apache, Oracle, Redhat | 14 Kafka, Banking Corporate Lending Process Management, Banking Credit Facilities Process Management and 11 more | 2024-11-21 | 7.5 High |
| When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector's task configuration and the response will contain the plaintext secret rather than the externalized secrets variables. | ||||
| CVE-2019-12393 | 1 Anviz | 1 Management System | 2024-11-21 | 7.5 High |
| Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests. | ||||
| CVE-2019-12391 | 1 Anviz | 1 Management System | 2024-11-21 | 7.5 High |
| The Anviz Management System for access control has insufficient logging for device events such as door open requests. | ||||
| CVE-2019-12389 | 1 Anviz | 1 Anviz Firmware | 2024-11-21 | 7.5 High |
| Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. | ||||
| CVE-2019-12388 | 1 Anviz | 1 Anviz Firmware | 2024-11-21 | 7.5 High |
| Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010. | ||||
| CVE-2019-12360 | 1 Glyphandcog | 1 Xpdfreader | 2024-11-21 | 7.1 High |
| A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content. | ||||
| CVE-2019-12359 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 7.2 High |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter. | ||||
| CVE-2019-12358 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 8.8 High |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie. | ||||