CVE List - 2019 / January
Showing 1 - 100 of 1212 CVEs for January 2019 (Page 1 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-3494 | 2019-01-01 | Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete... |
| CVE-2018-20650 | 2019-01-01 | A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to... |
| CVE-2018-20651 | 2019-01-01 | A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c... |
| CVE-2018-20652 | 2019-01-01 | An attempted excessive memory allocation was discovered in the function... |
| CVE-2019-3500 | 2019-01-02 | aria2c in aria2 1.33.1, when --log is used, can store... |
| CVE-2019-3501 | 2019-01-02 | The OUGC Awards plugin before 1.8.19 for MyBB allows XSS... |
| CVE-2018-17188 | 2019-01-02 | Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of... |
| CVE-2018-20657 | 2019-01-02 | The demangle_template function in cplus-dem.c in GNU libiberty, as distributed... |
| CVE-2018-5197 | 2019-01-02 | A vulnerability in the ExtCommon.dll user extension module version 9.2,... |
| CVE-2018-20658 | 2019-01-02 | The server in Core FTP 2.0 build 653 on 32-bit... |
| CVE-2019-3572 | 2019-01-02 | An issue was discovered in libming 0.4.8. There is a... |
| CVE-2019-3573 | 2019-01-02 | In libsixel v1.8.2, there is an infinite loop in the... |
| CVE-2019-3574 | 2019-01-02 | In libsixel v1.8.2, there is a heap-based buffer over-read in... |
| CVE-2018-7900 | 2019-01-02 | There is an information leak vulnerability in some Huawei HG... |
| CVE-2018-20659 | 2019-01-02 | An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class... |
| CVE-2019-3576 | 2019-01-02 | inxedu through 2018-12-24 has a SQL Injection vulnerability that can... |
| CVE-2019-3577 | 2019-01-02 | An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php... |
| CVE-2018-13045 | 2019-01-02 | SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque... |
| CVE-2018-14718 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to... |
| CVE-2018-14719 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to... |
| CVE-2018-14720 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct... |
| CVE-2018-14721 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to... |
| CVE-2018-15490 | 2019-01-02 | An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe... |
| CVE-2018-19360 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have... |
| CVE-2018-19361 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have... |
| CVE-2018-19362 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have... |
| CVE-2018-19371 | 2019-01-02 | The SaveUserSettings service in Content Manager in SDL Web 8.5.0... |
| CVE-2018-19478 | 2019-01-02 | In Artifex Ghostscript before 9.26, a carefully crafted PDF file... |
| CVE-2018-20100 | 2019-01-02 | An issue was discovered on August Connect devices. Insecure data... |
| CVE-2018-20114 | 2019-01-02 | On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices,... |
| CVE-2018-20166 | 2019-01-02 | A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the... |
| CVE-2018-20211 | 2019-01-02 | ExifTool 8.32 allows local users to gain privileges by creating... |
| CVE-2018-20326 | 2019-01-02 | ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have... |
| CVE-2018-18264 | 2019-01-03 | Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and... |
| CVE-2018-18893 | 2019-01-03 | Jinjava before 2.4.6 does not block the getClass method, related... |
| CVE-2018-20131 | 2019-01-03 | The Code42 app before 6.8.4, as used in Code42 for... |
| CVE-2019-3580 | 2019-01-03 | OpenRefine through 3.1 allows arbitrary file write because Directory Traversal... |
| CVE-2018-17172 | 2019-01-03 | The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035... |
| CVE-2018-20662 | 2019-01-03 | In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause... |
| CVE-2018-16879 | 2019-01-03 | Ansible Tower before version 3.3.3 does not set a secure... |
| CVE-2017-11004 | 2019-01-03 | A non-secure user may be able to access certain registers... |
| CVE-2017-18141 | 2019-01-03 | When a 3rd party TEE has been loaded it is... |
| CVE-2017-18319 | 2019-01-03 | Information leak in UIM API debug messages in snapdragon mobile... |
| CVE-2017-18320 | 2019-01-03 | QSEE unload attempt on a 3rd party TEE without previously... |
| CVE-2017-18321 | 2019-01-03 | Security keys used by the terminal and NW for a... |
| CVE-2017-18322 | 2019-01-03 | Cryptographic key material leaked in WCDMA debug messages in snapdragon... |
| CVE-2017-18323 | 2019-01-03 | Cryptographic key material leaked in TDSCDMA RRC debug messages in... |
| CVE-2017-18324 | 2019-01-03 | Cryptographic key material leaked in debug messages - GERAN in... |
| CVE-2017-18326 | 2019-01-03 | Cryptographic keys are printed in modem debug messages in snapdragon... |
| CVE-2017-18327 | 2019-01-03 | Security keys are logged when any WCDMA call is configured... |
| CVE-2017-18328 | 2019-01-03 | Use after free in QSH client rule processing in snapdragon... |
| CVE-2017-18329 | 2019-01-03 | Possible Buffer overflow when transmitting an RTP packet in snapdragon... |
| CVE-2017-18330 | 2019-01-03 | Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector... |
| CVE-2018-16876 | 2019-01-03 | ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a... |
| CVE-2018-16870 | 2019-01-03 | It was found that wolfssl before 3.15.7 is vulnerable to... |
| CVE-2018-16882 | 2019-01-03 | A use-after-free issue was found in the way the Linux... |
| CVE-2018-16885 | 2019-01-03 | A flaw was found in the Linux kernel that allows... |
| CVE-2019-3701 | 2019-01-03 | An issue was discovered in can_can_gw_rcv in net/can/gw.c in the... |
| CVE-2018-17161 | 2019-01-03 | In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation... |
| CVE-2018-20664 | 2019-01-03 | Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE... |
| CVE-2019-3905 | 2019-01-03 | Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. |
| CVE-2018-20663 | 2019-01-03 | The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA... |
| CVE-2018-14481 | 2019-01-03 | Osclass 3.7.4 has XSS via the query string to index.php,... |
| CVE-2018-19414 | 2019-01-03 | Multiple cross-site scripting (XSS) vulnerabilities in Plikli CMS 4.0.0 allow... |
| CVE-2018-19415 | 2019-01-03 | Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote... |
| CVE-2018-19505 | 2019-01-03 | Remedy AR System Server in BMC Remedy 7.1 may fail... |
| CVE-2018-19523 | 2019-01-03 | DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to... |
| CVE-2018-19861 | 2019-01-03 | Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers... |
| CVE-2018-19862 | 2019-01-03 | Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers... |
| CVE-2018-19992 | 2019-01-03 | A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows... |
| CVE-2018-19993 | 2019-01-03 | A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows... |
| CVE-2018-19994 | 2019-01-03 | An error-based SQL injection vulnerability in product/card.php in Dolibarr version... |
| CVE-2018-19995 | 2019-01-03 | A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows... |
| CVE-2018-19998 | 2019-01-03 | SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows... |
| CVE-2018-20512 | 2019-01-03 | EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges... |
| CVE-2019-3575 | 2019-01-03 | Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code... |
| CVE-2018-18004 | 2019-01-03 | Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series... |
| CVE-2018-18005 | 2019-01-03 | Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products... |
| CVE-2018-18244 | 2019-01-03 | Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products... |
| CVE-2018-19600 | 2019-01-03 | Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. |
| CVE-2018-19601 | 2019-01-03 | Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. |
| CVE-2018-15780 | 2019-01-03 | DSA-2018-224: RSA Archer GRC Platform Improper Access Control Vulnerability |
| CVE-2018-18995 | 2019-01-03 | Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2... |
| CVE-2018-18997 | 2019-01-03 | Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and... |
| CVE-2018-19249 | 2019-01-03 | The Stripe API v1 allows remote attackers to bypass intended... |
| CVE-2018-3986 | 2019-01-03 | An exploitable information disclosure vulnerability exists in the "Secret Chats"... |
| CVE-2018-4012 | 2019-01-03 | An exploitable buffer overflow vulnerability exists in the HTTP header-parsing... |
| CVE-2018-8827 | 2019-01-03 | The admin web interface on Technicolor MediaAccess TG789vac v2 HP... |
| CVE-2019-5005 | 2019-01-03 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2019-5006 | 2019-01-03 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2019-5007 | 2019-01-03 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2019-5009 | 2019-01-04 | Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the... |
| CVE-2019-5310 | 2019-01-04 | YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can... |
| CVE-2019-5311 | 2019-01-04 | An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an... |
| CVE-2018-1657 | 2019-01-04 | IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to... |
| CVE-2018-1859 | 2019-01-04 | IBM API Connect 5.0.0.0 through 5.0.8.4 could allow a user... |
| CVE-2018-1888 | 2019-01-04 | An untrusted search path vulnerability in IBM i Access for... |
| CVE-2018-1951 | 2019-01-04 | IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to... |
| CVE-2018-20671 | 2019-01-04 | load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an... |
| CVE-2019-5312 | 2019-01-04 | An issue was discovered in weixin-java-tools v3.3.0. There is an... |