CVE-2019-6461
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
Source: CVE-2019-6461
[월:] 2019년 01월
CVE-2019-6458
CVE-2019-6458
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a.
Source: CVE-2019-6458
CVE-2019-6457
CVE-2019-6457
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
Source: CVE-2019-6457
CVE-2019-6459
CVE-2019-6459
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a.
Source: CVE-2019-6459
CVE-2018-20724
CVE-2018-20724
A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.
Source: CVE-2018-20724
CVE-2015-9277
CVE-2015-9277
MailEnable before 8.60 allows Directory Traversal for reading the messages of other users, uploading files, and deleting files because "/../" and "/.. /" are mishandled.
Source: CVE-2015-9277
CVE-2015-9278
CVE-2015-9278
MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request.
Source: CVE-2015-9278
CVE-2015-9279
CVE-2015-9279
MailEnable before 8.60 allows Stored XSS via malformed use of "<img/src" with no ">" character in the body of an e-mail message.
Source: CVE-2015-9279
CVE-2018-20726
CVE-2018-20726
A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.
Source: CVE-2018-20726
CVE-2015-9280
CVE-2015-9280
MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter.
Source: CVE-2015-9280