CVE-2018-15586

Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email.

Source: CVE-2018-15586

CVE-2018-15588

MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.

Source: CVE-2018-15588

CVE-2019-7736

D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page.

Source: CVE-2019-7736

CVE-2018-15587

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.

Source: CVE-2018-15587

CVE-2019-7733

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.

Source: CVE-2019-7733

CVE-2019-7730

MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI.

Source: CVE-2019-7730

CVE-2019-7732

In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.

Source: CVE-2019-7732

CVE-2019-7731

MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup’s archive file.

Source: CVE-2019-7731

CVE-2018-12549

In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.

Source: CVE-2018-12549

CVE-2018-12011

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure.

Source: CVE-2018-12011