CVE List - 2019 / May
Showing 1001 - 1100 of 1316 CVEs for May 2019 (Page 11 of 14)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2016-8901 | 2019-05-23 | b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/call_plugin.php. |
| CVE-2016-8899 | 2019-05-23 | Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability... |
| CVE-2016-8897 | 2019-05-23 | Exponent CMS version 2.3.9 suffers from a sql injection vulnerability... |
| CVE-2016-7550 | 2019-05-23 | asterisk 13.10.0 is affected by: denial of service issues in... |
| CVE-2019-10866 | 2019-05-23 | In the Form Maker plugin before 1.13.3 for WordPress, it's... |
| CVE-2019-10855 | 2019-05-23 | Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5... |
| CVE-2019-10854 | 2019-05-23 | Computrols CBAS 18.0.0 allows Authenticated Command Injection. |
| CVE-2019-10853 | 2019-05-23 | Computrols CBAS 18.0.0 allows Authentication Bypass. |
| CVE-2019-10852 | 2019-05-23 | Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the... |
| CVE-2019-10851 | 2019-05-23 | Computrols CBAS 18.0.0 has hard-coded encryption keys. |
| CVE-2019-10850 | 2019-05-23 | Computrols CBAS 18.0.0 has Default Credentials. |
| CVE-2019-10849 | 2019-05-23 | Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source... |
| CVE-2019-5787 | 2019-05-23 | Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed... |
| CVE-2019-5788 | 2019-05-23 | An integer overflow that leads to a use-after-free in Blink... |
| CVE-2019-5789 | 2019-05-23 | An integer overflow that leads to a use-after-free in WebMIDI... |
| CVE-2019-5790 | 2019-05-23 | An integer overflow leading to an incorrect capacity of a... |
| CVE-2019-5791 | 2019-05-23 | Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75... |
| CVE-2019-5792 | 2019-05-23 | Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75... |
| CVE-2019-10846 | 2019-05-23 | Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in... |
| CVE-2019-5793 | 2019-05-23 | Insufficient policy enforcement in extensions in Google Chrome prior to... |
| CVE-2019-5794 | 2019-05-23 | Incorrect handling of cancelled requests in Navigation in Google Chrome... |
| CVE-2019-5795 | 2019-05-23 | Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75... |
| CVE-2018-19614 | 2019-05-23 | XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162... |
| CVE-2019-5796 | 2019-05-23 | Data race in extensions guest view in Google Chrome prior... |
| CVE-2019-5798 | 2019-05-23 | Lack of correct bounds checking in Skia in Google Chrome... |
| CVE-2019-5799 | 2019-05-23 | Incorrect inheritance of a new document's policy in Content Security... |
| CVE-2019-5800 | 2019-05-23 | Insufficient policy enforcement in Blink in Google Chrome prior to... |
| CVE-2019-5801 | 2019-05-23 | Incorrect eliding of URLs in Omnibox in Google Chrome on... |
| CVE-2019-5802 | 2019-05-23 | Incorrect handling of download origins in Navigation in Google Chrome... |
| CVE-2019-5803 | 2019-05-23 | Insufficient policy enforcement in Content Security Policy in Google Chrome... |
| CVE-2019-12309 | 2019-05-23 | dotCMS before 5.1.0 has a path traversal vulnerability exploitable by... |
| CVE-2019-5804 | 2019-05-23 | Incorrect command line processing in Chrome in Google Chrome prior... |
| CVE-2019-10143 | 2019-05-24 | It was discovered freeradius up to and including version 3.0.19... |
| CVE-2019-12312 | 2019-05-24 | In Libreswan 3.27 an assertion failure can lead to a... |
| CVE-2019-12313 | 2019-05-24 | XSS exists in Shave before 2.5.3 because output encoding is... |
| CVE-2019-12314 | 2019-05-24 | Deltek Maconomy 2.2.5 is prone to local file inclusion via... |
| CVE-2019-12315 | 2019-05-24 | Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that... |
| CVE-2019-12195 | 2019-05-24 | TP-Link TL-WR840N v5 00000005 devices allow XSS via the network... |
| CVE-2019-12155 | 2019-05-24 | interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a... |
| CVE-2019-12150 | 2019-05-24 | Karamasoft UltimateEditor 1 does not ensure that an uploaded file... |
| CVE-2019-11876 | 2019-05-24 | In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation... |
| CVE-2019-11875 | 2019-05-24 | In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a... |
| CVE-2019-11604 | 2019-05-24 | An issue was discovered in Quest KACE Systems Management Appliance... |
| CVE-2016-8900 | 2019-05-24 | Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability... |
| CVE-2016-8898 | 2019-05-24 | Exponent CMS version 2.3.9 suffers from a sql injection vulnerability... |
| CVE-2019-2726 | 2019-05-24 | Vulnerability in the Enterprise Manager Ops Center component of Oracle... |
| CVE-2016-10245 | 2019-05-24 | Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead... |
| CVE-2019-10848 | 2019-05-24 | Computrols CBAS 18.0.0 allows Username Enumeration. |
| CVE-2018-11923 | 2019-05-24 | Improper buffer length check before copying can lead to integer... |
| CVE-2018-11271 | 2019-05-24 | Improper authentication can happen on Remote command handling due to... |
| CVE-2018-11924 | 2019-05-24 | Improper buffer length validation in WLAN function can lead to... |
| CVE-2018-11925 | 2019-05-24 | Data length received from firmware is not validated against the... |
| CVE-2018-11927 | 2019-05-24 | Improper input validation on input which is used as an... |
| CVE-2019-10847 | 2019-05-24 | Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. |
| CVE-2018-11928 | 2019-05-24 | Lack of check on length parameter may cause buffer overflow... |
| CVE-2018-11930 | 2019-05-24 | Improper input validation on input data which is used to... |
| CVE-2018-11936 | 2019-05-24 | Index of array is processed in a wrong way inside... |
| CVE-2018-11937 | 2019-05-24 | Lack of input validation before copying can lead to a... |
| CVE-2018-11940 | 2019-05-24 | Lack of check in length before using memcpy in WLAN... |
| CVE-2018-19613 | 2019-05-24 | Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. |
| CVE-2018-11949 | 2019-05-24 | Failure to initialize the extra buffer can lead to an... |
| CVE-2018-11953 | 2019-05-24 | While processing ssid IE length from remote AP, possible out-of-bounds... |
| CVE-2018-11967 | 2019-05-24 | Signature verification of the skel library could potentially be disabled... |
| CVE-2018-11968 | 2019-05-24 | Improper check before assigning value can lead to integer overflow... |
| CVE-2018-11976 | 2019-05-24 | ECDSA signature code leaks private keys from secure world to... |
| CVE-2018-12004 | 2019-05-24 | Secure keypad is unlocked with secure display still intact in... |
| CVE-2018-12005 | 2019-05-24 | An unprivileged user can issue a binder call and cause... |
| CVE-2018-12012 | 2019-05-24 | While updating blacklisting region shared buffered memory region is not... |
| CVE-2018-12013 | 2019-05-24 | Improper authentication in locked memory region can lead to unprivilged... |
| CVE-2018-13885 | 2019-05-24 | Possible memory overread may be lead to access of sensitive... |
| CVE-2018-13886 | 2019-05-24 | Unchecked OTA field in GNSS XTRA3 lead to integer overflow... |
| CVE-2018-13887 | 2019-05-24 | Untrusted header fields in GNSS XTRA3 function can lead to... |
| CVE-2018-13895 | 2019-05-24 | Due to the missing permissions on several content providers of... |
| CVE-2018-13899 | 2019-05-24 | Processing messages after error may result in user after free... |
| CVE-2018-13920 | 2019-05-24 | Use-after-free condition due to Improper handling of hrtimers when the... |
| CVE-2018-13925 | 2019-05-24 | Error in parsing PMT table frees the memory allocated for... |
| CVE-2019-2244 | 2019-05-24 | Possible integer underflow can happen when calculating length of elementary... |
| CVE-2019-2245 | 2019-05-24 | Possible integer underflow can happen when calculating length of elementary... |
| CVE-2019-2247 | 2019-05-24 | Possibility of double free issue while running multiple instances of... |
| CVE-2019-2248 | 2019-05-24 | Buffer overflow can occur if invalid header tries to overwrite... |
| CVE-2019-2250 | 2019-05-24 | Kernel can write to arbitrary memory address passed by user... |
| CVE-2018-19612 | 2019-05-24 | The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162... |
| CVE-2019-8346 | 2019-05-24 | In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do... |
| CVE-2018-18060 | 2019-05-24 | An issue was discovered in Bitdefender Engines before 7.76808. A... |
| CVE-2018-18059 | 2019-05-24 | An issue was discovered in Bitdefender Engines before 7.76675. A... |
| CVE-2018-18058 | 2019-05-24 | An issue was discovered in Bitdefender Engines before 7.76662. A... |
| CVE-2018-10815 | 2019-05-24 | An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x... |
| CVE-2018-17843 | 2019-05-24 | SQL injection exists in ADD Clicking MLM Software 1.0, Binary... |
| CVE-2018-12624 | 2019-05-24 | An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS... |
| CVE-2019-10685 | 2019-05-24 | A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in... |
| CVE-2019-7815 | 2019-05-24 | Adobe Acrobat and Reader versions 2019.010.20091 and earlier, 2019.010.20091 and... |
| CVE-2019-7816 | 2019-05-24 | ColdFusion versions Update 2 and earlier, Update 9 and earlier,... |
| CVE-2016-10751 | 2019-05-24 | osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter.... |
| CVE-2016-10752 | 2019-05-24 | serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and... |
| CVE-2016-10753 | 2019-05-24 | e107 2.1.2 allows PHP Object Injection with resultant SQL injection,... |
| CVE-2016-10754 | 2019-05-24 | modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the... |
| CVE-2016-10755 | 2019-05-24 | AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to... |
| CVE-2016-10756 | 2019-05-24 | Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because... |
| CVE-2016-10757 | 2019-05-24 | In Redaxo 5.2.0, the cron management of the admin panel... |
| CVE-2016-10758 | 2019-05-24 | PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a... |