CVE-2011-5020
An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011.
Source: CVE-2011-5020
[월:] 2020년 01월
CVE-2019-18588
CVE-2019-18588
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users’ sessions.
Source: CVE-2019-18588
CVE-2019-18194
CVE-2019-18194
TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder.
Source: CVE-2019-18194
CVE-2019-19817
CVE-2019-19817
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content.
Source: CVE-2019-19817
CVE-2019-19819
CVE-2019-19819
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content.
Source: CVE-2019-19819
CVE-2019-14301
CVE-2019-14301
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).
Source: CVE-2019-14301
CVE-2019-14302
CVE-2019-14304
CVE-2019-14306
CVE-2019-14306
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).
Source: CVE-2019-14306
CVE-2012-4030
CVE-2012-4030
Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files.
Source: CVE-2012-4030