CVE-2019-8910 (wtcms)
An issue was discovered in WTCMS 1.0. It allows index.php?g=admin&m=setting&a=site_post CSRF.
Source: CVE-2019-8910 (wtcms)
[월:] 2019년 02월
CVE-2019-8912 (linux_kernel)
CVE-2019-8912 (linux_kernel)
In the Linux kernel through 4.20.10, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
Source: CVE-2019-8912 (linux_kernel)
CVE-2019-8909 (wtcms)
CVE-2019-8909 (wtcms)
An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service (resource consumption) via crafted dimensions for the verification code image.
Source: CVE-2019-8909 (wtcms)
CVE-2019-8908 (wtcms)
CVE-2019-8908 (wtcms)
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/gif" header.
Source: CVE-2019-8908 (wtcms)
CVE-2019-8907 (file)
CVE-2019-8907 (file)
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
Source: CVE-2019-8907 (file)
CVE-2019-8906 (file)
CVE-2019-8906 (file)
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
Source: CVE-2019-8906 (file)
CVE-2019-0101
CVE-2019-0101
Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthenticated user to potentially enable escalation of privilege to the Intel Unite(R) Solution administrative portal via network access.
Source: CVE-2019-0101
CVE-2019-0102
CVE-2019-0102
Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Source: CVE-2019-0102
CVE-2019-0105
CVE-2019-0105
Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access.
Source: CVE-2019-0105
CVE-2019-0103
CVE-2019-0103
Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
Source: CVE-2019-0103