Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3631 | 2023-03-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-3625 | 2023-03-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-3623 | 2023-03-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-3622 | 2023-03-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-3618 | 2023-03-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-3614 | 2023-03-03 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2019-3742 | 1 Dell | 1 Digital Delivery | 2023-03-03 | 7.2 HIGH | 7.8 HIGH |
| Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevated privileges. | |||||
| CVE-2019-1924 | 1 Cisco | 3 Webex Business Suite, Webex Meetings Online, Webex Meetings Server | 2023-03-03 | 9.3 HIGH | 7.8 HIGH |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | |||||
| CVE-2023-0568 | 1 Php | 1 Php | 2023-03-03 | N/A | 8.1 HIGH |
| In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification. | |||||
| CVE-2018-20860 | 2 Openmpt, Opensuse | 2 Libopenmpt, Leap | 2023-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| libopenmpt before 0.3.13 allows a crash with malformed MED files. | |||||
| CVE-2019-5460 | 2 Opensuse, Videolan | 3 Backports, Leap, Vlc Media Player | 2023-03-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Double Free in VLC versions <= 3.0.6 leads to a crash. | |||||
| CVE-2022-48319 | 1 Tribe29 | 1 Checkmk | 2023-03-03 | N/A | 5.5 MEDIUM |
| Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file. | |||||
| CVE-2019-7615 | 1 Elastic | 1 Apm-agent-ruby | 2023-03-03 | 5.8 MEDIUM | 7.4 HIGH |
| A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the middle style attack against the Ruby agent. | |||||
| CVE-2022-46784 | 1 Squaredup | 1 Dashboard Server | 2023-03-03 | N/A | 6.1 MEDIUM |
| SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows open redirection. (The issue was originally found in 5.5.1 GA.) | |||||
| CVE-2019-14523 | 1 Schismtracker | 1 Schism Tracker | 2023-03-03 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c. | |||||
| CVE-2019-1901 | 1 Cisco | 24 Nexus 93108tc-ex, Nexus 93108tc-fx, Nexus 93120tx and 21 more | 2023-03-03 | 8.3 HIGH | 8.8 HIGH |
| A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges. Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode if they are running a Cisco Nexus 9000 Series ACI Mode Switch Software release prior to 13.2(7f) or any 14.x release. | |||||
| CVE-2022-46785 | 1 Squaredup | 1 Dashboard Server | 2023-03-03 | N/A | 6.1 MEDIUM |
| SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 1 of 2). | |||||
| CVE-2014-8184 | 1 Liblouis | 1 Liblouis | 2023-03-03 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened. | |||||
| CVE-2019-14697 | 1 Musl-libc | 1 Musl | 2023-03-03 | 7.5 HIGH | 9.8 CRITICAL |
| musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code. | |||||
| CVE-2019-13106 | 2 Denx, Opensuse | 2 U-boot, Leap | 2023-03-03 | 8.3 HIGH | 7.8 HIGH |
| Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | |||||