CVE-2019-15657
In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code.
Source: CVE-2019-15657
CVE-2019-15658
connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data.
Source: CVE-2019-15658
CVE-2019-15651
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex.
Source: CVE-2019-15651
CVE-2019-15055
MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows them access to the management interface as an administrator without authentication.
Source: CVE-2019-15055
CVE-2019-15497
Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH, HTTP, HTTPS, and FTP.
Source: CVE-2019-15497
CVE-2018-18668
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter.
Source: CVE-2018-18668
CVE-2019-9569
Buffer Overflow in dacterea in Delta Controls enteliBUS Manager V3.40_B-571848 allows remote unauthenticated users to execute arbitrary code and possibly cause a denial of service via unspecified vectors.
Source: CVE-2019-9569
CVE-2019-8460
Reuven Plevinsky and Tal Vainshtein of Check Point Software Technologies Ltd. discovered that the OpenBSD kernel (all versions, including 6.5) can be forced to create long chains of TCP SACK holes that cause very expensive calls to tcp_sack_option() for every incoming SACK packet, which can lead to a denial of service.
Source: CVE-2019-8460
CVE-2019-7993
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
Source: CVE-2019-7993
CVE-2019-7995
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to a memory leak.
Source: CVE-2019-7995