CVE List - 2019 / April
Showing 1001 - 1100 of 1531 CVEs for April 2019 (Page 11 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-11411 | 2019-04-21 | An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed()... |
| CVE-2019-11412 | 2019-04-21 | An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can... |
| CVE-2019-11413 | 2019-04-21 | An issue was discovered in Artifex MuJS 1.0.5. It has... |
| CVE-2019-11414 | 2019-04-21 | An issue was discovered on Intelbras IWR 3000N 1.5.0 devices.... |
| CVE-2019-11415 | 2019-04-21 | An issue was discovered on Intelbras IWR 3000N 1.5.0 devices.... |
| CVE-2019-11416 | 2019-04-21 | A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0... |
| CVE-2018-20818 | 2019-04-21 | A buffer overflow vulnerability was discovered in the OpenPLC controller,... |
| CVE-2019-11417 | 2019-04-21 | system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused... |
| CVE-2019-11418 | 2019-04-21 | apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer... |
| CVE-2019-11426 | 2019-04-21 | An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS... |
| CVE-2019-11427 | 2019-04-21 | An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS... |
| CVE-2019-11428 | 2019-04-21 | I, Librarian 4.10 has XSS via the export.php export_files parameter. |
| CVE-2019-11444 | 2019-04-22 | An issue was discovered in Liferay Portal CE 7.1.2 GA3.... |
| CVE-2019-11445 | 2019-04-22 | OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a... |
| CVE-2019-11446 | 2019-04-22 | An issue was discovered in ATutor through 2.2.4. It allows... |
| CVE-2019-11447 | 2019-04-22 | An issue was discovered in CutePHP CuteNews 2.1.2. An attacker... |
| CVE-2019-11448 | 2019-04-22 | An issue was discovered in Zoho ManageEngine Applications Manager 11.0... |
| CVE-2019-11449 | 2019-04-22 | I, Librarian 4.10 has XSS via the notes.php notes parameter. |
| CVE-2019-11450 | 2019-04-22 | whatsns 4.0 allows index.php?question/ajaxadd.html title SQL injection. |
| CVE-2019-11451 | 2019-04-22 | whatsns 4.0 allows index.php?inform/add.html qid SQL injection. |
| CVE-2019-11452 | 2019-04-22 | whatsns 4.0 allows index.php?admin_category/remove.html cid[] SQL injection. |
| CVE-2019-11243 | 2019-04-22 | In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a... |
| CVE-2019-11244 | 2019-04-22 | kubectl creates world-writeable cached schema files |
| CVE-2019-11454 | 2019-04-22 | Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before... |
| CVE-2019-11455 | 2019-04-22 | A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit... |
| CVE-2019-3899 | 2019-04-22 | It was found that default configuration of Heketi does not... |
| CVE-2019-6155 | 2019-04-22 | A potential vulnerability was found in an SMI handler in... |
| CVE-2019-6157 | 2019-04-22 | In various firmware versions of Lenovo System x, the integrated... |
| CVE-2019-3901 | 2019-04-22 | A race condition in perf_event_open() allows local attackers to leak... |
| CVE-2019-3902 | 2019-04-22 | A flaw was found in Mercurial before 4.9. It was... |
| CVE-2019-11456 | 2019-04-22 | Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP... |
| CVE-2011-1830 | 2019-04-22 | Ekiga attempts to dlopen /tmp/ekiga_test.so |
| CVE-2011-3145 | 2019-04-22 | mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group |
| CVE-2011-3147 | 2019-04-22 | qcow format could expose host filesystem information |
| CVE-2011-3151 | 2019-04-22 | SELinux initscript misuse of touch |
| CVE-2014-1426 | 2019-04-22 | get_file_by_name does not check owner |
| CVE-2014-1427 | 2019-04-22 | MAAS API vulnerable to CSRF attack |
| CVE-2014-1428 | 2019-04-22 | uuid.uuid1() is not suitable as an unguessable identifier/token |
| CVE-2015-1316 | 2019-04-22 | Juju Joyent provider uploads user's private ssh key by default |
| CVE-2015-1320 | 2019-04-22 | Probe-and-enlist for SeaMicro chassis writes password to the log |
| CVE-2015-1326 | 2019-04-22 | python-dbusmock arbitrary code execution or file overwrite when templates are loaded from /tmp |
| CVE-2015-1327 | 2019-04-22 | Content-hub DBUS API doesn't prevent confined apps from passing paths to files without access |
| CVE-2015-1340 | 2019-04-22 | chmod race in doUidshiftIntoContainer |
| CVE-2015-1341 | 2019-04-22 | Apport privilege escalation through Python module imports |
| CVE-2015-1343 | 2019-04-22 | unity-scope-gdrive search feature logs search terms to syslog |
| CVE-2016-1573 | 2019-04-22 | Using a specially crafted fallback art property, scopes can execute arbitrary QML code in context of unity8-dash |
| CVE-2016-1579 | 2019-04-22 | UDM doesn't check for confinement before running post-processing commands |
| CVE-2016-1584 | 2019-04-22 | Unity8 converged application lifecycle allows background applications to use on-screen keyboard when not top-most |
| CVE-2016-1585 | 2019-04-22 | AppArmor mount rules grant excessive permissions |
| CVE-2016-1586 | 2019-04-22 | A malicious webview could install long-lived unload handlers that re-use... |
| CVE-2016-1587 | 2019-04-22 | The Snapweb interface before version 0.21.2 was exposing controls to... |
| CVE-2019-9955 | 2019-04-22 | On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60,... |
| CVE-2019-10241 | 2019-04-22 | In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older,... |
| CVE-2019-10246 | 2019-04-22 | In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server... |
| CVE-2019-10247 | 2019-04-22 | In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26... |
| CVE-2019-10248 | 2019-04-22 | Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts... |
| CVE-2019-11459 | 2019-04-22 | The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend... |
| CVE-2019-11460 | 2019-04-22 | An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and... |
| CVE-2019-11461 | 2019-04-22 | An issue was discovered in GNOME Nautilus 3.30 prior to... |
| CVE-2019-5427 | 2019-04-22 | c3p0 version < 0.9.5.4 may be exploited by a billion... |
| CVE-2019-11384 | 2019-04-22 | The Zalora application 6.15.1 for Android stores confidential information insecurely... |
| CVE-2019-11383 | 2019-04-22 | An issue was discovered in the Medha WiFi FTP Server... |
| CVE-2019-0218 | 2019-04-22 | A vulnerability was discovered wherein a specially crafted URL could... |
| CVE-2019-8452 | 2019-04-22 | A hard-link created from log file archive of Check Point... |
| CVE-2019-11463 | 2019-04-23 | A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev... |
| CVE-2013-7470 | 2019-04-23 | cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when... |
| CVE-2019-11469 | 2019-04-23 | Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid... |
| CVE-2018-17169 | 2019-04-23 | An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4... |
| CVE-2018-20819 | 2019-04-23 | io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows... |
| CVE-2018-20820 | 2019-04-23 | read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to... |
| CVE-2018-20821 | 2019-04-23 | The parsing component in LibSass through 3.5.5 allows attackers to... |
| CVE-2018-20822 | 2019-04-23 | LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion... |
| CVE-2019-11470 | 2019-04-23 | The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers... |
| CVE-2019-11471 | 2019-04-23 | libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because... |
| CVE-2019-11472 | 2019-04-23 | ReadXWDImage in coders/xwd.c in the XWD image parsing component of... |
| CVE-2019-11473 | 2019-04-23 | coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial... |
| CVE-2019-11474 | 2019-04-23 | coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial... |
| CVE-2017-12619 | 2019-04-23 | Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation... |
| CVE-2018-1317 | 2019-04-23 | In Apache Zeppelin prior to 0.8.0 the cron scheduler was... |
| CVE-2018-1328 | 2019-04-23 | Apache Zeppelin prior to 0.8.0 had a stored XSS issue... |
| CVE-2019-0223 | 2019-04-23 | While investigating bug PROTON-2014, we discovered that under some circumstances... |
| CVE-2019-7303 | 2019-04-23 | Snapd seccomp filter TIOCSTI ioctl bypass |
| CVE-2019-7304 | 2019-04-23 | Local privilege escalation via snapd socket |
| CVE-2019-11076 | 2019-04-23 | Cribl UI 1.5.0 allows remote attackers to run arbitrary commands... |
| CVE-2019-10864 | 2019-04-23 | The WP Statistics plugin through 12.6.2 for WordPress has XSS,... |
| CVE-2018-2880 | 2019-04-23 | Vulnerability in the MICROS Retail-J component of Oracle Retail Applications... |
| CVE-2018-3120 | 2019-04-23 | Vulnerability in the MICROS Lucas component of Oracle Retail Applications... |
| CVE-2018-3123 | 2019-04-23 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent:... |
| CVE-2018-3312 | 2019-04-23 | Vulnerability in the Oracle Retail Customer Engagement component of Oracle... |
| CVE-2018-3314 | 2019-04-23 | Vulnerability in the MICROS Relate CRM Software component of Oracle... |
| CVE-2019-2424 | 2019-04-23 | Vulnerability in the Oracle Retail Convenience Store Back Office component... |
| CVE-2019-2516 | 2019-04-23 | Vulnerability in the Portable Clusterware component of Oracle Database Server.... |
| CVE-2019-2517 | 2019-04-23 | Vulnerability in the Core RDBMS component of Oracle Database Server.... |
| CVE-2019-2518 | 2019-04-23 | Vulnerability in the Java VM component of Oracle Database Server.... |
| CVE-2019-2551 | 2019-04-23 | Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business... |
| CVE-2019-2557 | 2019-04-23 | Vulnerability in the Oracle Application Testing Suite component of Oracle... |
| CVE-2019-2558 | 2019-04-23 | Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail... |
| CVE-2019-2564 | 2019-04-23 | Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle... |
| CVE-2019-2565 | 2019-04-23 | Vulnerability in the JD Edwards World Technical Foundation component of... |
| CVE-2019-2566 | 2019-04-23 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent:... |