CVE-2019-19864
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
Source: CVE-2019-19864
[월:] 2020년 01월
CVE-2019-9469
CVE-2019-9469
In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-130246677
Source: CVE-2019-9469
CVE-2019-9468
CVE-2019-9468
In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-139683471
Source: CVE-2019-9468
CVE-2019-19863
CVE-2019-19863
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
Source: CVE-2019-19863
CVE-2019-15602
CVE-2019-15602
The fileview package v0.1.6 has inadequate output encoding and escaping, which leads to a stored Cross-Site Scripting (XSS) vulnerability in files it serves.
Source: CVE-2019-15602
CVE-2019-15603
CVE-2019-15603
The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability via a malicious filename rendered in a directory listing.
Source: CVE-2019-15603
CVE-2019-15601
CVE-2019-15601
CURL before 7.68.0 lacks proper input validation, which allows users to create a `FILE:` URL that can make the client access a remote file using SMB (Windows-only issue).
Source: CVE-2019-15601
CVE-2016-11017
CVE-2016-11017
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.
Source: CVE-2016-11017
CVE-2018-1326
CVE-2018-1326
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.
Source: CVE-2018-1326
CVE-2018-1300
CVE-2018-1300
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.
Source: CVE-2018-1300